When a popular FTP client reports an "unknown certificate" error does that mean that the certificate has not been set up properly on the server? Is the FTP client supposed to follow the certificate chain to the root authority and trust things if all looks good, like a web browser does?
We are trying to troubleshoot a situation where a business partner is unable to connect to the FTP server of the multi-tenant cloud platform where we get workgroup collaboration (file sharing) and FTP services. The cloud platform belongs to a big-name player in the industry.
Individual tenants on the platform do not have access to any real-time diagnostics. So I opened a popular FTP client for Windows on my desktop and tried to connect to that FTP server using the FTPS protocol over port 990 in passive mode with Implicit TLS, supplying the credentials we gave to that business partner.
My FTP client reports that the server's certificate is unknown. Do I want to trust it? And when I trust the unknown certificate, the connection succeeds and the FTPS session proceeds normally.
The FTP server name takes this format:
tenantcompany.multitentantftpserver.com
The validity period is good, from a day in January 2022 to a day in January 2023.
And the "Subject" of the certificate is as follows (I'm supplying generic names, not actual, and not the real state and locality names):
Common name: *.multitenantftpserver.com
Organization: Multi-Tenant Systems\, Inc.
Country: US
State or province: Mississippi
Locality: Oxford
Alternative names: *.multitenantftpserver.com
multitenantftpserver.com
The backslash is actually there in the Organization in front of the comma, like they were trying to "escape" the comma. Could something like that create problems for recognizing the certificate?
and the "Issuer":
Common Name: DigiCert TLS RSA SHA256 2020 CA1
Organization: DigiCert Inc
Country: US
There are three certificates in the chain: 0: server certificate; 1: intermediate certificate; 2 Root certificate.
The common name of the intermediate and root certificates is DigiCert Global Root CA.