How to require explicit FTP over TLS
I work in a startup project on PhPStorm 8.0.3 . I'v been using the ftp settings to directly upload files on saving and it's been inredibly useful. Today I was unable to connect and when I asked my boss he just told me he will be adding more security to the server and I should now use some encryption setting. Everything he said was "require explicit FTP over TLS". While I am a programmer my knowledge of servers is nearly non-existent and have no idea what that means but didn't want to seem like the idiot (because everyone else seemed to know what that is) and just said I will do it. Right now I am turning to you guys here in need of help - what is that TLS thing and how do I enable it? If I try connecting to the server the old way (ftp username and password) the server just closes the connection.
Thanks for reading my question and hope you are able to help
Please sign in to leave a comment.
Hi there,
https://en.wikipedia.org/wiki/FTPS
You need to use deployment of FTPS type (do not be confused with SFTP) instead of plain FTP.
I did try that one as I guessed it could be it. Seeing the description was "explicit" I also set the option in the FTPS connection to explicit. Sadly that did not yield any result - I got a "could not connect" error. Here is some more info - to connect everyone else is using FileZilla with protocol set to "FTP" and encryption set to "Require explicit FTP over TLS". Are you sure just switching the connection type in phpStorm to "FTPS" while using the exact same ftp username/password should be enough for this to work? For FTPS will I be needing different username/password than the ftp ones? Also are you sure this is analogous to the FileZilla settings I just described?
No idea - I'm not using FileZilla, at all.
But accordingly to https://wiki.filezilla-project.org/FTP_over_TLS it sounds the same.
As far as I'm aware (regrading the same username/password) -- yes. At very least in one test that I did once (using IIS 7.5 as web/FTP server) the same login details were used.
"explicit FTP over TLS" = FTPS -- I know no other interpretation.
Unfortunately I do not use FTPS myself so cannot tell you what else should be done here/how to debug "could not connect" error. I may only suggest to enable extra debugging and see what it will tell you in the logs.
----
You may wait a bit and member of dev/support team that know more on this subject may see this thread and give you better advice/solution.
Double check the port number -- maybe different port is required; Same with Active/Passove modes.
Also -- you have said that you are using 8.0.3 -- try v9 -- it should have some improvements in deployment area.
Other people may be seeing this issue because of an expired ssl certificate on the server.
Filezilla will ask if it should trust it if it see an expired cert, while phpstorm will just disconnect.
While trusting an expired certificate is not ideal, we're not always in control of those servers so having an option to explicitly tell phpstorm to trust the cert would be great.
To elaborate on TLS: it stands for Transport Layer Security and is the successor of SSL. In this particular case FTP over TLS (FTPS in short) is the equivalent to what HTTPS is for HTTP. And quite frankly as a programmer it would be wise to immerse yourself on subjects like this, because it will likely be a returning factor in your work.
Although this is an old problem and you've probably already found a solution to this, I find it valuable to mention that FTP problems can have numerous reasons, both client-side and server-side. It doesn't matter how experienced you with it, these problems always keep popping up.
Filezilla seems to change it ways of communicating with FTP servers every now and then. On several occasions configurations that were previously working stopped working after an upgrade of Filezilla, so upgrade with caution and keep a backup of the old version until you are sure the new version is fully working.
As for PhpStorm I also had several occasions where my exact same configuration would work in Filezilla but not in PhpStorm and vice versa. To fix this tricks include switching from active to passive mode. Or to tick "Always use LIST command". These tricks work sometimes, but the problem may very well lie with the server configuration. And since you experienced problems right after the configuration was updated, it could've been likely a few configuration tweaks would solve the problem for you aswell.
I'll spare you the details of the possible causes if it is a server-side problem. Just see if you can manage to connect with one particular client. If you can, and you can't with PhpStorm (with the same configuration) it might very well be a server-side problem and you should contact the server admin.
Like Liam mentions, phpstorm will just disconnect when it encounters an expired cert.
https://intellij-support.jetbrains.com/hc/en-us/community/posts/206319689/comments/207525949
I'm 99% sure this is my issue. Is there any way around this, to tell phpstorm to trust the cert?
I had the same issue and the setting that required adjustment is to uncheck this setting (Server Options -> FTP over TLS settings):
Uncheck that option and FTPS works with FileZilla and PhpStorm.
I think that this is a lack of functionality on the part of PHPStorm, which can be improved.
For example, in Aptana (Eclipse) you can uncheck "Validate Certificate" and "Disable SSL session resumption" right in the connection settings so you can connect a remote server with an expired certificate.