%3CLINGO-SUB%20id%3D%22lingo-sub-347290%22%20slang%3D%22en-US%22%3EConfiguring%20FTP%207.5%20with%20Host%20Header%20and%20SSL%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-347290%22%20slang%3D%22en-US%22%3E%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3EFTP%207.5%20comes%20with%20new%20features%20like%20supporting%20Host%20headers%20(Virtual%20host)%20and%20SSL.%20For%20compatibility%20purposes%2C%20FTP%20clients%26nbsp%3Bcan%20check%20whether%20the%20FTP%20server%20supports%20host%20headers%20by%20sending%20a%20FEAT%20command%20to%20check%20for%20supported%20features.%20An%20FTP%20server%20would%20respond%20with%20HOST%20being%20one%20of%20the%20extended%20features%20supported%20by%20it%20and%20from%20here%20on%20client%20can%20use%20this%20feature.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3EThere%20are%20two%20ways%20of%20using%20this%20feature%20currently%20by%20the%20FTP%20clients%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3E1.%20They%20can%20send%20the%20virtual%20host%20name%20along%20with%20the%20Username%20while%20getting%20authenticated%20by%20the%20FTP%20server%20as%20below%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CDIV%20class%3D%22error%22%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%22%3E%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3E%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3EC%3A%5C%26gt%3Bftp%20ftp.me.com%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EConnected%20to%20ftp.me.com.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3E220%20Microsoft%20FTP%20Service%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EUser%20(ftp.me.com%3A(none))%3A%20ftp.me.com%7C%3CUSERNAME%3E%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3E331%20Password%20required%20for%20ftp.me.com%7C%3CUSERNAME%3E%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EPassword%3A%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3E230%20User%20logged%20in.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3Eftp%26gt%3B%3C%2FUSERNAME%3E%3C%2FUSERNAME%3E%3C%2FP%3E%0A%3C%2FDIV%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3Eor%2C%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3E2.%20They%20can%20send%20the%20following%20command%20to%20connect%20to%20a%20specific%20Virtual%20host%20name%20as%20below%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CDIV%20class%3D%22error%22%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%22%3E%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3E%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3Eftp%26gt%3B%20quote%20host%20ftp.me.com%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3E220%20Host%20accepted.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3Eftp%26gt%3B%20user%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EUsername%20%3CUSERNAME%3E%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3E331%20Password%20required%20for%20%3CUSERNAME%3E.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EPassword%3A%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3E230%20User%20logged%20in.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3Eftp%26gt%3B%3C%2FUSERNAME%3E%3C%2FUSERNAME%3E%3C%2FP%3E%0A%3C%2FDIV%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3EIn%20this%20example%26nbsp%3Bthe%20test%20is%20done%20through%20the%20default%20ftp.exe%20that%20comes%20bundled%20with%20Windows%20OS.%20Smart%20FTP%20clients%20can%20send%20the%20HOST%20seamlessly%20without%20the%20end%20user%20knowing%20about%20it.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3EIf%20you%20are%20setting%20up%20your%20FTP%20site%20on%20IIS%207%20over%20SSL%20using%20the%20host%20header%20there%20are%20some%20caveats%20you%20need%20to%20remember%20as%20discussed%20below.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3EI%20have%20an%20FTP%20site%20as%20shown%20below%20which%20is%20using%20a%20Host%20header%20and%20is%20configured%20to%20accept%20SSL%20connections.%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3E%3CA%20style%3D%22background-color%3A%20transparent%3B%20box-sizing%3A%20border-box%3B%20color%3A%20%23337ab7%3B%20text-decoration%3A%20none%3B%22%20href%3D%22https%3A%2F%2Fmsdnshared.blob.core.windows.net%2Fmedia%2FTNBlogsFS%2FBlogFileStorage%2Fblogs_msdn%2Fwebtopics%2FWindowsLiveWriter%2FConfiguringFTP7.5withHostHeaderandSSL_8B0C%2Fimage_2.png%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%3CIMG%20width%3D%22455%22%20height%3D%22152%22%20title%3D%22image%22%20style%3D%22border-image-outset%3A%200%3B%20border-image-repeat%3A%20stretch%3B%20border-image-slice%3A%20100%25%3B%20border-image-source%3A%20none%3B%20border-image-width%3A%201%3B%20box-sizing%3A%20border-box%3B%20display%3A%20inline%3B%20height%3A%20auto%3B%20max-width%3A%20100%25%3B%20vertical-align%3A%20middle%3B%20border%3A%200px%20none%20currentColor%3B%22%20alt%3D%22image%22%20src%3D%22https%3A%2F%2Fmsdnshared.blob.core.windows.net%2Fmedia%2FTNBlogsFS%2FBlogFileStorage%2Fblogs_msdn%2Fwebtopics%2FWindowsLiveWriter%2FConfiguringFTP7.5withHostHeaderandSSL_8B0C%2Fimage_thumb.png%22%20border%3D%220%22%20%2F%3E%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3EUnder%20FTP%20SSL%20Settings%20I%20have%20the%20following%20configuration%20as%20shown%20below%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3E%3CA%20style%3D%22background-color%3A%20transparent%3B%20box-sizing%3A%20border-box%3B%20color%3A%20%23337ab7%3B%20text-decoration%3A%20none%3B%22%20href%3D%22https%3A%2F%2Fmsdnshared.blob.core.windows.net%2Fmedia%2FTNBlogsFS%2FBlogFileStorage%2Fblogs_msdn%2Fwebtopics%2FWindowsLiveWriter%2FConfiguringFTP7.5withHostHeaderandSSL_8B0C%2Fimage_4.png%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3E%3CIMG%20width%3D%22436%22%20height%3D%22294%22%20title%3D%22image%22%20style%3D%22border-image-outset%3A%200%3B%20border-image-repeat%3A%20stretch%3B%20border-image-slice%3A%20100%25%3B%20border-image-source%3A%20none%3B%20border-image-width%3A%201%3B%20box-sizing%3A%20border-box%3B%20display%3A%20inline%3B%20height%3A%20auto%3B%20max-width%3A%20100%25%3B%20vertical-align%3A%20middle%3B%20border%3A%200px%20none%20currentColor%3B%22%20alt%3D%22image%22%20src%3D%22https%3A%2F%2Fmsdnshared.blob.core.windows.net%2Fmedia%2FTNBlogsFS%2FBlogFileStorage%2Fblogs_msdn%2Fwebtopics%2FWindowsLiveWriter%2FConfiguringFTP7.5withHostHeaderandSSL_8B0C%2Fimage_thumb_1.png%22%20border%3D%220%22%20%2F%3E%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3EIf%20we%20try%20to%20access%20the%20FTP%20site%20using%20an%20SSL%20enabled%20FTP%20client%20it%20will%20fail%20as%20shown%20below%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CDIV%20class%3D%22error%22%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%22%3E%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3E%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3ECommand%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20AUTH%20TLS%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20534-Local%20policy%20on%20server%20does%20not%20allow%20TLS%20secure%20connections.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20Win32%20error%3A%26nbsp%3B%26nbsp%3B%20Access%20is%20denied.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20Error%20details%3A%20SSL%20certificate%20was%20not%20configured.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20534%20End%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3ECommand%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20AUTH%20SSL%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20534-Local%20policy%20on%20server%20does%20not%20allow%20TLS%20secure%20connections.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20Win32%20error%3A%26nbsp%3B%26nbsp%3B%20Access%20is%20denied.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20Error%20details%3A%20SSL%20certificate%20was%20not%20configured.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20534%20End%3C%2FP%3E%0A%3C%2FDIV%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3E%3CFONT%20size%3D%221%22%20style%3D%22box-sizing%3A%20border-box%3B%22%3E%26nbsp%3B%26nbsp%3B%20*Output%20from%20Filezilla%20FTP%20client%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3E%3CSTRONG%20style%3D%22box-sizing%3A%20border-box%3B%20font-weight%3A%20bold%3B%22%3ENOTE%3A%20AUTH%20TLS%2FSSL%20Negotiation%20for%20Primary%20connection%20is%20done%20based%20on%20the%20certificate%20at%20the%20global%20level%20and%20uses%20the%20certificate%20installed%20at%20the%20site%20level%20for%20Data%20connection.%3C%2FSTRONG%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3ESome%20FTP%20clients%20like%20FileZilla%20require%20the%20same%20SSL%20certificate%20to%20be%20used%20for%20both%20the%20control%20and%20the%20data%20channel.%20If%20the%20certificates%20don%E2%80%99t%20match%20the%20primary%20connection%20will%20be%20established%20but%20the%20data%20transfer%20connection%20will%20be%20aborted%20as%20shown%20below%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CDIV%20class%3D%22error%22%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%22%3E%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3E%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3ECommand%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20LIST%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20150%20Opening%20BINARY%20mode%20data%20connection.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EError%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20Primary%20connection%20and%20data%20connection%20certificates%20don't%20match.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EError%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20Transfer%20connection%20interrupted%3A%20ECONNABORTED%20-%20Connection%20aborted%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20226%20Transfer%20complete.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EError%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20Failed%20to%20retrieve%20directory%20listing%3C%2FP%3E%0A%3C%2FDIV%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3E%3CFONT%20size%3D%221%22%20style%3D%22box-sizing%3A%20border-box%3B%22%3E%26nbsp%3B%26nbsp%3B%20*Output%20from%20Filezilla%20FTP%20client%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3EIf%20we%20have%20the%20SSL%20Certificate%20only%20at%20the%20global%20level%20and%20not%20at%20the%20FTP%20site%20level%20we%20will%20see%20an%20error%20again%20as%20below%3A%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CDIV%20class%3D%22error%22%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%22%3E%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3E%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3ECommand%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20PROT%20P%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20431-Failed%20to%20setup%20secure%20session.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20Win32%20error%3A%26nbsp%3B%26nbsp%3B%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20Error%20details%3A%20SSL%20certificate%20hash%20has%20invalid%20length.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20431%20End%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3E....%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3E....%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3ECommand%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20LIST%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20534-Protection%20level%20negotiation%20failed.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20Win32%20error%3A%26nbsp%3B%26nbsp%3B%20Access%20is%20denied.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%26nbsp%3B%20Error%20details%3A%20Protection%20negotiation%20failed.%20PROT%20command%20with%20recognized%20parameter%20must%20precede%20this%20command.%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EResponse%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20534%20End%20%3CBR%20style%3D%22box-sizing%3A%20border-box%3B%22%20%2F%3EError%3A%26nbsp%3B%26nbsp%3B%26nbsp%3B%20Failed%20to%20retrieve%20directory%20listing%3C%2FP%3E%0A%3C%2FDIV%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3E%3CFONT%20size%3D%221%22%20style%3D%22box-sizing%3A%20border-box%3B%22%3E%26nbsp%3B%26nbsp%3B%20*Output%20from%20FileZilla%20FTP%20client%3C%2FFONT%3E%3C%2FP%3E%0A%3CP%3E%26nbsp%3B%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3ESo%20overall%2C%20we%20need%20to%20ensure%20that%20a%20valid%20SSL%20certificate%20is%20set%20both%20at%20the%20global%20and%20the%20individual%20FTP%20site%20levels.%20It%20finally%20depends%20upon%20the%20FTP%20client%20whether%20to%20expect%20the%20same%20certificate%20or%20different%20ones%20for%20primary%20and%20data%20connections.%3C%2FP%3E%0A%3CP%20style%3D%22box-sizing%3A%20border-box%3B%20color%3A%20%23333333%3B%20font-family%3A%20%26amp%3Bquot%3B%20segoe%20ui%26amp%3Bquot%3B%2Ctahoma%2Carial%2C%26amp%3Bquot%3Bhelvetica%20neue%26amp%3Bquot%3B%2Chelvetica%2Csans-serif%3B%20font-size%3A%2014px%3B%20font-style%3A%20normal%3B%20font-variant%3A%20normal%3B%20font-weight%3A%20400%3B%20letter-spacing%3A%20normal%3B%20orphans%3A%202%3B%20text-align%3A%20left%3B%20text-decoration%3A%20none%3B%20text-indent%3A%200px%3B%20text-transform%3A%20none%3B%20-webkit-text-stroke-width%3A%200px%3B%20white-space%3A%20normal%3B%20word-spacing%3A%200px%3B%20margin%3A%200px%200px%2010px%200px%3B%22%3E%3CSTRONG%3EAuthor%3A%20Saur212%3C%2FSTRONG%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E

FTP 7.5 comes with new features like supporting Host headers (Virtual host) and SSL. For compatibility purposes, FTP clients can check whether the FTP server supports host headers by sending a FEAT command to check for supported features. An FTP server would respond with HOST being one of the extended features supported by it and from here on client can use this feature.

 

There are two ways of using this feature currently by the FTP clients:

 

1. They can send the virtual host name along with the Username while getting authenticated by the FTP server as below:

 


C:\>ftp ftp.me.com
Connected to ftp.me.com.
220 Microsoft FTP Service
User (ftp.me.com:(none)): ftp.me.com|<username>
331 Password required for ftp.me.com|<username>
Password:
230 User logged in.
ftp>

 

or,

 

2. They can send the following command to connect to a specific Virtual host name as below:

 


ftp> quote host ftp.me.com
220 Host accepted.
ftp> user
Username <username>
331 Password required for <username>.
Password:
230 User logged in.
ftp>

 

In this example the test is done through the default ftp.exe that comes bundled with Windows OS. Smart FTP clients can send the HOST seamlessly without the end user knowing about it.

 

If you are setting up your FTP site on IIS 7 over SSL using the host header there are some caveats you need to remember as discussed below.

 

I have an FTP site as shown below which is using a Host header and is configured to accept SSL connections.

 

image

 

Under FTP SSL Settings I have the following configuration as shown below:

 

image

 

If we try to access the FTP site using an SSL enabled FTP client it will fail as shown below:

 


Command:    AUTH TLS
Response:    534-Local policy on server does not allow TLS secure connections.
Response:     Win32 error:   Access is denied.
Response:     Error details: SSL certificate was not configured.
Response:    534 End
Command:    AUTH SSL
Response:    534-Local policy on server does not allow TLS secure connections.
Response:     Win32 error:   Access is denied.
Response:     Error details: SSL certificate was not configured.
Response:    534 End

 

   *Output from Filezilla FTP client

 

NOTE: AUTH TLS/SSL Negotiation for Primary connection is done based on the certificate at the global level and uses the certificate installed at the site level for Data connection.

 

Some FTP clients like FileZilla require the same SSL certificate to be used for both the control and the data channel. If the certificates don’t match the primary connection will be established but the data transfer connection will be aborted as shown below:

 


Command:    LIST
Response:    150 Opening BINARY mode data connection.
Error:    Primary connection and data connection certificates don't match.
Error:    Transfer connection interrupted: ECONNABORTED - Connection aborted
Response:    226 Transfer complete.
Error:    Failed to retrieve directory listing

 

   *Output from Filezilla FTP client

 

If we have the SSL Certificate only at the global level and not at the FTP site level we will see an error again as below:

 


Command:    PROT P
Response:    431-Failed to setup secure session.
Response:     Win32 error:  
Response:     Error details: SSL certificate hash has invalid length.
Response:    431 End
....
....
Command:    LIST
Response:    534-Protection level negotiation failed.
Response:     Win32 error:   Access is denied.
Response:     Error details: Protection negotiation failed. PROT command with recognized parameter must precede this command.
Response:    534 End
Error:    Failed to retrieve directory listing

 

   *Output from FileZilla FTP client

 

So overall, we need to ensure that a valid SSL certificate is set both at the global and the individual FTP site levels. It finally depends upon the FTP client whether to expect the same certificate or different ones for primary and data connections.

Author: Saur212