getssl icon indicating copy to clipboard operation
getssl copied to clipboard

Published 20 hours ago verified publisher icon srvrco

can tokens be uploaded via FTPS?

Open nickwelsh1 opened this issue 6 years ago • 2 comments

Hi,

My web hosting provides an FTPS connection using TLS encryption. Is it possible to upload my tokens to my server via FTPS with this script?

I've tried modifying the getssl.cfg for the ACL line to ftps -

ACL=('ftps:user:password:www.domain.com:/.well-known/acme-challenge')

however this hasn't been successful.

Uploading a file manually with curl using the following works for me -

curl -k -v ftps://ftp.domainftp.com/.well-known/acme-challenge/ -u user:password -T testfile.txt

My hosting provides a self-signed certificate during the FTPS handshake which I must accept hence the -k option.

Thank you, Nick

nickwelsh1 avatar Aug 14 '18 08:08 nickwelsh1

Forget my last comment. Sorry… 😔

I've missed that you're talking about the challenge token.

killerbees19 avatar Aug 14 '18 12:08 killerbees19

I wrote a fix to add in FTPS functionality myself. Depending on how the FTPS server is setup this may work for you too.

Before line 550. elif [[ "${to:0:5}" == "sftp:" ]] ; then insert the following -

echo "in-ftps-loop" if [[ "$cert" != "challenge token" ]] ; then error_exit "ftps has only been tested for challenge tokens" fi debug "using ftps to copy the file from $from" ftpuser=$(echo "$to"| awk -F: '{print $2}') ftppass=$(echo "$to"| awk -F: '{print $3}') ftphost=$(echo "$to"| awk -F: '{print $4}') ftplocn=$(echo "$to"| awk -F: '{print $5}') ftpdirn=$(dirname "$ftplocn") ftpfile=$(basename "$ftplocn") fromdir=$(dirname "$from") fromfile=$(basename "$from") debug "ftps user=$ftpuser - pass=$ftppass - host=$ftphost dir=$ftpdirn file=$ftpfile" debug "from dir=$fromdir file=$fromfile" echo " " echo "Using CURL to upload challenge token to webserver via FTPS" echo " " curl -k ftps://$ftphost$ftpdirn/ -u $ftpuser:$ftppass -T $fromdir/$fromfile echo " " echo "after curl statement" echo " "

If you also want to add some useful colour to the script to help highlight when intermediate CA cert's have been downloaded successfully you could also add

echo -e ${GREEN}The intermediate CA cert is in${NC} $gc_cafile

after line 836
info "The intermediate CA cert is in $gc_cafile"

and insert

#colors RED='\033[0;31m' NC='\033[0m' # No Color GREEN='\033[0;32m'

after line 240.

Cheers, Nick

nickwelsh1 avatar Aug 21 '18 06:08 nickwelsh1