ComponentPro UltimateFtp

      Explicit or Implicit SSL

      Language Filter: AllSend comments on this topic to ComponentPro

      When using the FTP protocol, there are two types of SSL connections:

      Explicit connection

      Explicit connection and Implicit connection are two secure methods used to connect to a secure FTP server. This topic will go in detail the Explicit connection.

      When the client connects to the server using SSL, an SSL negotiation is initialized, the connection is secured, and all subsequent communications are to be protected. 

      The code snippet below shows how to connect to an FTP server securely using Explicit security mode.

      // Create a new class instance. 
      using (Ftp client = new Ftp())
      {
          // Connect to the FTP server. 
          client.Connect("myserver", 21, SslSecurityMode.Explicit);
      
          // Authenticate. 
          client.Authenticate("userName", "password");
      
          // Do something here... 
          client.DownloadFile("/my remote file.dat", "my local file");
      }
      

      Implicit connection

      Originally, a separate port was assigned to the SSL version of the FTP.  An FTP server with Implicit SSL configuration usually runs on port number 990. Upon connection to this port, an SSL negotiation starts immediately, and the control connection is secured. All data connections are also secured implicitly in the same way. This is similar to the approach used by HTTPS.

      The code snippet below shows how to connect to an FTP server securely using Implicit security mode.

      // Create a new class instance. 
      using (Ftp client = new Ftp())
      {
          // Connect to the FTP server. 
          client.Connect("myserver", 990, SslSecurityMode.Implicit);
      
          // Authenticate. 
          client.Authenticate("userName", "password");
      
          // Do something here... 
          client.DownloadFile("/my remote file.dat", "my local file");
      }
      
      Implicit SSL, although common, is not formally adopted in an RFC.