FTP SSL certificate caching?

  • FTP SSL certificate caching?

    My host changed their FTP server and now I cannot login and get "SSL is not available on this server". I *can* login with BC from another machine and even from another user account on my workstation. I've tried uninstalling and re-installing BC, I've cleared out registry entries, I've deleted the BC folder under Application Settings, and I've looked in my machine's certificate store - all to no avail.

    Can anyone help me with some information on fully clearing out all BC info in a given user profile? Something is "stuck" in this user profile.

  • #2
    Hi Namlak,

    To see where your settings are stored, select "Help > Support". Click "Explore settings folder". Renaming "TrustedSSLCerts.p7b" should clear out the stored certificate information so you're prompted the next time you connect.
    Chris K Scooter Software

    • #3
      Deleting that file was the first thing I tried before moving on to the other files, deleting the folder entirely, un/re-installing, etc.

      • #4
        To clear out all of BC3's settings, go to the Help menu -> Support; and click the blue link to Explore the Settings folder.

        Backup these files, first, before deleting or moving any out of the folder. I would recommend backing them up with the Tools menu -> Export Settings command as well. This will allow you to then re-import specific sessions or settings.

        An Uninstall/Reinstall does not remove these settings. They have to be removed manually.
        Aaron P Scooter Software

        • #5
          Can you send a copy of your FTP log to [email protected]? BC doesn't store SSL certificates anywhere other than that file; we don't use the registry and we don't use whatever support Windows has built-in. That sounds more like a configuration issue with the server. Have you verified that you can connect using SSL through another FTP client (Filezilla, for example)?
          Zoë P Scooter Software

          • #6
            Originally posted by Craig
            Can you send a copy of your FTP log to [email protected]? BC doesn't store SSL certificates anywhere other than that file; we don't use the registry and we don't use whatever support Windows has built-in. That sounds more like a configuration issue with the server. Have you verified that you can connect using SSL through another FTP client (Filezilla, for example)?
            I will get you a log soon. Yes, I can connect to the server with other clients and with this exact install on this exact machine under a different user account.

            • #7
              10/21/2009 2:12:20 PM Username: <obscured>
              10/21/2009 2:12:20 PM Stat> Connected.
              10/21/2009 2:12:20 PM Recv> 220 <obscured> X2 WS_FTP Server 7.1(86885346)
              10/21/2009 2:12:20 PM Sent> HOST <obscured>
              10/21/2009 2:12:20 PM Recv> 200 Command HOST succeed
              10/21/2009 2:12:20 PM Sent> AUTH TLS
              10/21/2009 2:12:20 PM Recv> 234 SSL enabled and waiting for negotiation
              10/21/2009 2:12:21 PM Stat> Disconnected.
              10/21/2009 2:12:21 PM Stat> Connected.
              10/21/2009 2:12:21 PM Recv> 220 <obscured> X2 WS_FTP Server 7.1(95322576)
              10/21/2009 2:12:21 PM Sent> AUTH TLS
              10/21/2009 2:12:21 PM Recv> 234 SSL enabled and waiting for negotiation
              10/21/2009 2:12:21 PM Stat> Disconnected.
              10/21/2009 2:12:21 PM SSL is not available on this server.
              10/21/2009 2:12:21 PM Load comparison: <->

              • #8
                From FileZilla, a successful login:

                Status: Resolving address of <obscured>
                Status: Connecting to <obscured>:21...
                Status: Connection established, waiting for welcome message...
                Response: 220 <obscured> X2 WS_FTP Server 7.1(52288001)
                Command: AUTH TLS
                Response: 234 SSL enabled and waiting for negotiation
                Status: Initializing TLS...
                Status: Verifying certificate...
                Command: USER <obscured>
                Status: TLS/SSL connection established.
                Response: 331 Enter password
                Command: PASS ******************
                Response: 230 User logged in
                Command: SYST
                Response: 215 UNIX
                Command: FEAT
                Response: 211-Extensions supported
                Response: SIZE
                Response: XMD5
                Response: XSHA1
                Response: XSHA256
                Response: XSHA512
                Response: XQUOTA
                Response: LANG EN, ES, FR, GE
                Response: MDTM
                Response: MLST size*;type*;perm*;create*;modify*;
                Response: REST STREAM
                Response: TVFS
                Response: UTF8
                Response: AUTH SSL;TLS-P;
                Response: PBSZ
                Response: PROT C;P;
                Response: 211 end
                Command: PBSZ 0
                Response: 200 PBSZ=0
                Command: PROT P
                Response: 200 PRIVATE data channel protection level set
                Status: Connected
                Status: Retrieving directory listing...
                Command: CWD <obscured>
                Response: 250 Command CWD succeed
                Command: PWD
                Response: 257 "/<obscured>" is current directory
                Command: TYPE I
                Response: 200 Transfer mode set to BINARY
                Command: PASV
                Response: 227 Entering Passive Mode (<obscured>).
                Command: LIST
                Response: 125 Transferring directory
                Response: 226 Transfer completed
                Status: Directory listing successful

                • #9
                  From the exact same install on the exact same box but RunAs a local administrator (I'll try to get a login on this box by a non-admin but corporate rules may prevent that). It's worth noting that I have to accept the certificate here but in the failure mode under my normal account, it fails without any interaction.

                  10/21/2009 2:18:15 PM Username: <obscured>
                  10/21/2009 2:18:16 PM Stat> Connected.
                  10/21/2009 2:18:16 PM Recv> 220 <obscured> X2 WS_FTP Server 7.1(41771586)
                  10/21/2009 2:18:16 PM Sent> HOST <obscured>
                  10/21/2009 2:18:16 PM Recv> 200 Command HOST succeed
                  10/21/2009 2:18:16 PM Sent> AUTH TLS
                  10/21/2009 2:18:16 PM Recv> 234 SSL enabled and waiting for negotiation
                  10/21/2009 2:18:20 PM Sent> USER <obscured>
                  10/21/2009 2:18:20 PM Recv> 331 Enter password
                  10/21/2009 2:18:20 PM Sent> PASS ********
                  10/21/2009 2:18:20 PM Recv> 230 User logged in
                  10/21/2009 2:18:20 PM Sent> FEAT
                  10/21/2009 2:18:20 PM Recv> 211-Extensions supported
                  10/21/2009 2:18:20 PM SIZE
                  10/21/2009 2:18:20 PM XMD5
                  10/21/2009 2:18:20 PM XSHA1
                  10/21/2009 2:18:20 PM XSHA256
                  10/21/2009 2:18:20 PM XSHA512
                  10/21/2009 2:18:20 PM XQUOTA
                  10/21/2009 2:18:20 PM LANG EN, ES, FR, GE
                  10/21/2009 2:18:20 PM MDTM
                  10/21/2009 2:18:20 PM MLST size*;type*;perm*;create*;modify*;
                  10/21/2009 2:18:20 PM REST STREAM
                  10/21/2009 2:18:20 PM TVFS
                  10/21/2009 2:18:20 PM UTF8
                  10/21/2009 2:18:20 PM AUTH SSL;TLS-P;
                  10/21/2009 2:18:20 PM PBSZ
                  10/21/2009 2:18:20 PM PROT C;P;
                  10/21/2009 2:18:20 PM 211 end
                  10/21/2009 2:18:20 PM Sent> TYPE I
                  10/21/2009 2:18:20 PM Recv> 200 Transfer mode set to BINARY
                  10/21/2009 2:18:20 PM Sent> SYST
                  10/21/2009 2:18:20 PM Recv> 215 UNIX
                  10/21/2009 2:18:20 PM Sent> OPTS UTF8 ON
                  10/21/2009 2:18:20 PM Recv> 200 Command OPTS succeed
                  10/21/2009 2:18:20 PM Sent> PWD
                  10/21/2009 2:18:21 PM Recv> 257 "/<obscured>" is current directory
                  10/21/2009 2:18:21 PM Sent> REST 1
                  10/21/2009 2:18:21 PM Recv> 350 Restart from 1
                  10/21/2009 2:18:21 PM Sent> REST 0
                  10/21/2009 2:18:21 PM Recv> 350 Restart from 0
                  10/21/2009 2:18:21 PM Sent> CWD <obscured>
                  10/21/2009 2:18:21 PM Recv> 250 Command CWD succeed
                  10/21/2009 2:18:21 PM Sent> PWD
                  10/21/2009 2:18:21 PM Recv> 257 "/<obscured>" is current directory
                  10/21/2009 2:18:21 PM Sent> PBSZ 0
                  10/21/2009 2:18:21 PM Recv> 200 PBSZ=0
                  10/21/2009 2:18:21 PM Sent> PROT P
                  10/21/2009 2:18:21 PM Recv> 200 PRIVATE data channel protection level set
                  10/21/2009 2:18:21 PM Sent> PASV
                  10/21/2009 2:18:22 PM Recv> 227 Entering Passive Mode (<obscured>).
                  10/21/2009 2:18:22 PM Sent> MLSD
                  10/21/2009 2:18:22 PM Recv> 125 Transferring directory
                  10/21/2009 2:18:22 PM Recv> 226 Transfer completed
                  10/21/2009 2:18:22 PM Load comparison: <obscured> <->

                  • #10
                    Successful connection through BC via another normal non-administrative user account with the exact same install on the exact same box:

                    10/21/2009 2:38:04 PM Username: <obscured>
                    10/21/2009 2:38:04 PM Load comparison: <->
                    10/21/2009 2:38:12 PM Stat> Connected.
                    10/21/2009 2:38:12 PM Recv> 220 <obscured> X2 WS_FTP Server 7.1(05607481)
                    10/21/2009 2:38:12 PM Sent> HOST <obscured>
                    10/21/2009 2:38:12 PM Recv> 200 Command HOST succeed
                    10/21/2009 2:38:12 PM Sent> AUTH TLS
                    10/21/2009 2:38:12 PM Recv> 234 SSL enabled and waiting for negotiation
                    10/21/2009 2:38:15 PM Sent> USER <obscured>
                    10/21/2009 2:38:15 PM Recv> 331 Enter password
                    10/21/2009 2:38:15 PM Sent> PASS ********
                    10/21/2009 2:38:15 PM Recv> 230 User logged in
                    10/21/2009 2:38:15 PM Sent> FEAT
                    10/21/2009 2:38:15 PM Recv> 211-Extensions supported
                    10/21/2009 2:38:15 PM SIZE
                    10/21/2009 2:38:15 PM XMD5
                    10/21/2009 2:38:15 PM XSHA1
                    10/21/2009 2:38:15 PM XSHA256
                    10/21/2009 2:38:15 PM XSHA512
                    10/21/2009 2:38:15 PM XQUOTA
                    10/21/2009 2:38:15 PM LANG EN, ES, FR, GE
                    10/21/2009 2:38:15 PM MDTM
                    10/21/2009 2:38:15 PM MLST size*;type*;perm*;create*;modify*;
                    10/21/2009 2:38:15 PM REST STREAM
                    10/21/2009 2:38:15 PM TVFS
                    10/21/2009 2:38:15 PM UTF8
                    10/21/2009 2:38:15 PM AUTH SSL;TLS-P;
                    10/21/2009 2:38:15 PM PBSZ
                    10/21/2009 2:38:15 PM PROT C;P;
                    10/21/2009 2:38:15 PM 211 end
                    10/21/2009 2:38:15 PM Sent> TYPE I
                    10/21/2009 2:38:15 PM Recv> 200 Transfer mode set to BINARY
                    10/21/2009 2:38:15 PM Sent> SYST
                    10/21/2009 2:38:15 PM Recv> 215 UNIX
                    10/21/2009 2:38:15 PM Sent> OPTS UTF8 ON
                    10/21/2009 2:38:15 PM Recv> 200 Command OPTS succeed
                    10/21/2009 2:38:15 PM Sent> PWD
                    10/21/2009 2:38:15 PM Recv> 257 "/<obscured>" is current directory
                    10/21/2009 2:38:15 PM Sent> REST 1
                    10/21/2009 2:38:16 PM Recv> 350 Restart from 1
                    10/21/2009 2:38:16 PM Sent> REST 0
                    10/21/2009 2:38:16 PM Recv> 350 Restart from 0

                    • #11
                      Bump. Any ideas?

                      • #12
                        Originally posted by Namlak
                        Successful connection through BC via another normal non-administrative user account with the exact same install on the exact same box:

                        10/21/2009 2:38:04 PM Username: <obscured>
                        10/21/2009 2:38:04 PM Load comparison: <->
                        10/21/2009 2:38:12 PM Stat> Connected.
                        .
                        .
                        .
                        Sorry, I can't help you with the issue, but the first thing I notice is the presence of the "Load comparison" entry at the top of the one log and missing from the other (and the extra 7 seconds of runtime that go with it). Are you sure the connection was configured and launched the same way under both logins?
                        BC v4.0.7 build 19761

                        • #13
                          I was wrong about BC not using any Windows-provided functionality at all. It does use the Windows certificate store to validate the signing chain, and it looks like that's the problem here. Unfortunately the logging doesn't include enough information to track down the error, but it's definitely something to do with the certificate store. I'd guess that the change on the FTP server is that they updated their SSL certificate. Email support directly and we may be able to get you a build with additional logging to help track this down.
                          Zoë P Scooter Software
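
Added example, not part of the original thread and not Scooter Software's code: a small classifier for logs in the format posted above that separates "server refused AUTH TLS" from "server replied 234 and the connection then dropped during negotiation". The category names and the sample host and user are constructed for illustration.

```python
import re
# Matches the Beyond Compare FTP log lines shown in the thread.
LINE = re.compile(r"^\S+ \S+ [AP]M (Stat|Recv|Sent)> (.*)$")

def sessions(log):
    """Split a log into connection attempts, one per 'Stat> Connected.'."""
    out = []
    for line in log.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # FEAT continuation lines and client status messages
        kind, text = m.groups()
        if kind == "Stat" and text.startswith("Connected"):
            out.append([])
        if out:
            out[-1].append((kind, text))
    return out

def classify(events):
    """Report how far one attempt got through the AUTH TLS exchange."""
    auth_sent = accepted = False
    for kind, text in events:
        if kind == "Sent" and text.startswith("AUTH "):
            auth_sent = True
        elif kind == "Recv" and auth_sent and not accepted:
            if text.startswith("234"):
                accepted = True  # server agreed to negotiate TLS
            elif text.startswith(("4", "5")):
                return "server-refused-auth"
        elif kind == "Sent" and accepted:
            return "tls-established"  # client went on to send commands
        elif kind == "Stat" and accepted and text.startswith("Disconnected"):
            return "handshake-failed-after-234"
    return "incomplete" if auth_sent else "no-auth-attempt"

def diagnose(log):
    return [classify(s) for s in sessions(log)]

# Constructed samples in the thread's format; host and user are placeholders.
T = "10/21/2009 2:12:20 PM "
HEAD = [T + "Stat> Connected.", T + "Sent> AUTH TLS"]
HEAD.insert(1, T + "Recv> 220 ftp.example.test X2 WS_FTP Server 7.1")
OK234 = T + "Recv> 234 SSL enabled and waiting for negotiation"
FAIL = "\n".join((HEAD + [OK234, T + "Stat> Disconnected."]) * 2
                 + [T + "SSL is not available on this server."])
GOOD = "\n".join(HEAD + [OK234, T + "Sent> USER demo", T + "Recv> 331 Enter password"])
REFUSED = "\n".join(HEAD + [T + "Recv> 502 Command not implemented"])
if __name__ == "__main__":
    print(diagnose(FAIL), diagnose(GOOD), diagnose(REFUSED))
```

A log shaped like the failing one in post #7 classifies as `handshake-failed-after-234`: the server accepted AUTH TLS, so the drop happened during TLS negotiation, which is where certificate chain validation takes place.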

                          • #14
                            When you email support, [email protected] , please include a link back to this forum post. Thanks.
                            Aaron P Scooter Software

                            • #15
                              I'm having a similar issue. I just upgraded to Version 3.1.7 (build 10865), but the problem was present in previous builds too. I'm trying to FTP from a Windows XP machine to a Windows Server 2003 running FileZilla Server 0.9.27 beta. I can connect to the server from CuteFTP with minimal configuration (just using the Quick Connect Bar with the standard port 21), but I can't connect with BC3 (Pro) using the exact same settings.

                              I've attached copies of the log from CuteFTP and from BC3 (as much as is output anyway...)
