I\'m having a hard time setting up a connection to a FTPS.
I\'m supposed to connect using SSL/TLS and AUTH (explicit standard). I\'ve got a server address and a por
Late response I know, but I've also been struggling with this, and the following two blocks of code ended up working for me, so even if it's too late for you, maybe it'll help others. In my case, I only had to verify the peer with a CA certificate, so if you need to verify yourself with the peer (beyond user/pass of course), you may need to integrate the third block of code below.
Downloading (with CA certificate only)
$ftp_server = 'ftps://YOUR-SERVER-NAME/';
$ftp_user = 'FTP-USER-NAME';
$ftp_password = 'FTP-PASSWORD';
$ftp_certificate = 'PATH TO CA CERT';
// ...e.g./var/www/certs/ssl-certificate.pub.crt
$source_file = 'REMOTE-FILE-PATH';
$destination_file = 'LOCAL-FILE-PATH';
$file = fopen($destination_file, 'w');
$ch = curl_init();
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
curl_setopt($ch, CURLOPT_URL, $ftp_server . $source_file);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERPWD, $ftp_user . ':' . $ftp_password);
curl_setopt($ch, CURLOPT_TIMEOUT, 400);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 400);
curl_setopt($ch, CURLOPT_FILE, $file);
//SSL
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, $ftp_certificate);
curl_setopt($ch, CURLOPT_FTP_SSL, CURLFTPSSL_ALL);
curl_setopt($ch, CURLOPT_FTPSSLAUTH, CURLFTPAUTH_SSL);
curl_exec($ch);
$error_no = curl_errno($ch);
$error_msg = curl_error($ch);
curl_close ($ch);
if ($error_no == 0) {
$msg = 'File downloaded succesfully.';
} else {
$msg = 'File download error:' . $error_msg . ' | ' . $error_no;
}
fclose($file);
echo $msg;
Uploading (with CA certificate only)
$ftp_server = 'ftps://YOUR-SERVER-NAME/';
$ftp_user = 'FTP-USER-NAME';
$ftp_password = 'FTP-PASSWORD';
$ftp_certificate = 'PATH TO CA CERT';
// ...e.g./var/www/certs/ssl-certificate.pub.crt
$source_file = 'LOCAL-FILE-PATH';
$destination_file = 'REMOTE-FILE-PATH';
$file = fopen($source_file, 'r');
$ch = curl_init();
curl_setopt($ch, CURLOPT_VERBOSE, TRUE);
curl_setopt($ch, CURLOPT_URL, $ftp_server . $destination_file);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERPWD, $ftp_user . ':' . $ftp_password);
curl_setopt($ch, CURLOPT_TIMEOUT, 400);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 400);
curl_setopt($ch, CURLOPT_UPLOAD, 1);
curl_setopt($ch, CURLOPT_INFILE, $file);
curl_setopt($ch, CURLOPT_INFILESIZE, filesize($source_file));
//SSL stuff
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, $ftp_certificate);
curl_setopt($ch, CURLOPT_FTP_SSL, CURLFTPSSL_ALL);
curl_setopt($ch, CURLOPT_FTPSSLAUTH, CURLFTPAUTH_SSL);
$upload_result = curl_exec($ch);
$upload_info = curl_getinfo($ch);
$error_no = curl_errno($ch);
$error_msg = curl_error($ch);
curl_close ($ch);
if ($error_no == 0) {
$msg = 'File uploaded succesfully.';
} else {
$msg = 'File upload error:' . $error_msg . ' | ' . $error_no;
}
fclose($file);
echo $msg . '(' . filesize($source_file) . ')';
You can check the response code like this for example:
if ($upload_info['http_code'] == '226') {...}
To add public / private keys (add this before curl_exec
)
// A private SSL key.
// If your key file has a password, you will need to set
// this with CURLOPT_SSLKEYPASSWD
curl_setopt($ch, CURLOPT_SSLKEY, $keyFile);
// A PEM formatted certificate- with CURLOPT_SSLCERTTYPE
// you could also use DER or ENG formats
curl_setopt($ch, CURLOPT_SSLCERT, $certFile);
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, $certPass);
You may of course have to fiddle with timemout limits in PHP, Apache, and also nginx, as I did in my case with a troublesome Plesk installation, if files are large and transfers are slow.