Rebex FTP

FTP and FTPS client .NET library

Download 30-day free trial Buy from $349
More .NET libraries

Back to feature list...

Authentication methods

On this page:

Username and password 

The most common FTP authentication uses username and password: 

// connect to a server
var ftp = new Ftp();
ftp.Connect(hostname);

// log in
ftp.Login(username, password);

' connect to a server
Dim ftp As New Rebex.Net.Ftp()
ftp.Connect(hostname)

' log in
ftp.Login(username, password)
Some servers allow anonymous authentication. For those, call the Login method with a username of "anonymous" and use an e-mail address as a password.

Username, password and account 

Some FTP servers require an "account name" in addition to the username and password: 

// connect to a server
var ftp = new Rebex.Net.Ftp();
ftp.Connect(hostname);

// log in using the "account name"
ftp.Login(username, password, account);

' connect to a server
Dim ftp As New Rebex.Net.Ftp()
ftp.Connect(hostname)

' log in using the "account name"
ftp.Login(username, password, account)

Client certificate authentication 

Client certificates are an optional way to authenticate the client to the server. This is only possible when connecting/authenticating to a TLS/SSL-capable FTP server. However, most servers still require authentication with a username and password even when client certificate authentication has taken place.

A certificate with an associated private key is needed for client authentication. Set Settings.SslClientCertificateRequestHandler property to an implementation of certificate request handler that is called when the FTP server asks for client certificate.

a) Use the built-in StoreSearch handler, that searches the user's certificate store for a first suitable certificate: 

// set a certificate request handler
ftp.Settings.SslClientCertificateRequestHandler = CertificateRequestHandler.StoreSearch;

// connect to the server
ftp.Connect(hostname, SslMode.Explicit);

// authenticate (still needed in many cases)
if (!ftp.IsAuthenticated)
    ftp.Login(username, password);

' set a certificate request handler
ftp.Settings.SslClientCertificateRequestHandler = CertificateRequestHandler.StoreSearch

' connect to the server
ftp.Connect(hostname, SslMode.Explicit)

' authenticate (still needed in many cases)
If Not ftp.IsAuthenticated Then ftp.Login(username, password)

b) Use the built-in PFX-based certificate request handler: 

// load a certificate chain from a .P12 or .PFX file
CertificateChain certificate = CertificateChain.LoadPfx("mycert.p12", "password");

// set a certificate request handler
ftp.Settings.SslClientCertificateRequestHandler = CertificateRequestHandler.CreateRequestHandler(certificate);

// connect to the server
ftp.Connect(hostname, SslMode.Explicit);

// authenticate (still needed in many cases)
if (!ftp.IsAuthenticated)
    ftp.Login(username, password);

' load a certificate chain from a .P12 or .PFX file
Dim certificate As CertificateChain = CertificateChain.LoadPfx("mycert.p12", "password")

' set a certificate request handler
ftp.Settings.SslClientCertificateRequestHandler = CertificateRequestHandler.CreateRequestHandler(Certificate)

' connect to the server
ftp.Connect(hostname, SslMode.Explicit)

' authenticate (still needed in many cases)
If Not ftp.IsAuthenticated Then ftp.Login(username, password)

c) Write a custom handler, for example to load the certificate from a .pfx/.p12 file: 

private class MyCertRequestHandler : ICertificateRequestHandler
{
    // This method is called during TLS/SSL negotiation
    // when the server requests client certificate authentication
    public CertificateChain Request(TlsSocket socket, DistinguishedName[] issuers)
    {
        // provide a certificate loaded from a .pfx/.p12 file
        return CertificateChain.LoadPfx(clientCertPath, clientCertPassword);
    }
}

Private Class MyCertRequestHandler
    Implements ICertificateRequestHandler

    ' This method is called during TLS/SSL negotiation
    ' when the server requests client certificate authentication
    Public Function Request(socket As TlsSocket, _
                            issuers() As DistinguishedName) _
                        As CertificateChain _
                        Implements ICertificateRequestHandler.Request
        ' provide a certificate loaded from a .pfx/.p12 file
        Return CertificateChain.LoadPfx(clientCertPath, clientCertPassword)
    End Function
End Class

Don't forget to register the handler: 

// set a certificate request handler
ftp.Settings.SslClientCertificateRequestHandler = new MyCertRequestHandler();

// connect to the server
ftp.Connect(hostname, port, SslMode.Explicit);

// authenticate (still needed in many cases)
if (!ftp.IsAuthenticated)
    ftp.Login(username, password);

' set a certificate request handler
ftp.Settings.SslClientCertificateRequestHandler = New MyCertRequestHandler()

' connect to the server
ftp.Connect(hostname, port, SslMode.Explicit)

' authenticate (still needed in many cases)
If Not ftp.IsAuthenticated Then ftp.Login(username, password)

Back to feature list...