Skip to Content

FTPS sender adapter: Connection Closed by remote host

Hi Experts,

I have a following FTPs server which I get files from and put files to:

Parameter Value Control Port hostname/URL host1.com Control Port 21 Data Port hostname/URL host2.com Data Port 9900 - 9999

Now, my FTPs receiver can successfully put files in the FTPs server. But somehow, the FTPs sender channel cannot poll the directory in the FTPs server, everytime it polls the FTPs server, there's always an error message:

'Error occured while connecting to the FTP server "host1.com:21": java.io.EOFException: Connection closed by remote host.'

Here are the configuration of the FTPs sender adapter:

Connection Security: FTPS (FTP using SSL/TLS) for Control and Data Connection

Command Order: AUTH TLS, USER, PASS, PBSZ, PROT

Data Connection: Passive

I wonder why the FTPs receiver channel has no problem connecting, but the FTPs sender channel receive the "Connection closed by remote host" error message. Is there any way to troubleshoot this?

Thank you,

Suwandi C.

Add a comment
10|10000 characters needed characters exceeded

Assigned Tags

Related questions

8 Answers

  • Posted on Nov 11, 2015 at 07:49 AM

    Hello Suwandi,

    Check whether the folder has read permissions inorder to pick the file.

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Nov 11, 2015 at 09:47 AM

    Hi Suwandi,

    After Raghuraman suggestion, you can change PI Connect Mode section (Permanently or per file transger). Also, that error could be when the FTP channel is hung or the server FTP doesn't close correctly the communication.

    Regards.

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Nov 11, 2015 at 11:51 AM

    Hi All,

    Thanks for the replies.

    Yes, the folder has a read permission. I also have tried both connection mode (permanently or per file transfer) but still fails..

    I wonder if there's a log where I can see in which step/command does this connection actually fails, because the error message is quite general.

    Thank you,

    Suwandi C.

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Nov 11, 2015 at 01:39 PM

    Hi Raghuraman,

    Thanks for the reply. Do you mean at the same server as the PI server? No, the FTPs server is from a third party vendor.

    Actually after checking at the trace log file, I've found the following at the log:

    ssl_debug(245): Starting handshake (iSaSiLk 4.403)...

    ssl_debug(245): Sending v3 client_hello message to host2.com:9907, requesting version 3.1...

    ssl_debug(245): IOException while handshaking: Connection closed by remote host.

    ssl_debug(245): Sending alert: Alert Fatal: handshake failure

    ssl_debug(245): Shutting down SSL layer...

    The SSL handshake process is successful at the control port, but then during the SSL handshake with the data port, there's an IOException.

    What could possibly causing an IOException?

    Thank you,

    Suwandi C.

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Nov 12, 2015 at 11:28 AM

    Hi All,

    Thanks for the advice.

    Yes, currently we're in the progress of installing the XPI inspector but we're facing a difficulty in installing it.

    We've also contacted the third party FTP vendor to check on their log.

    Thank you,

    Suwandi C.

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Nov 13, 2015 at 02:50 AM

    Hi Experts,

    I've received a response from the FTPS vendor, they said that PI is trying to connect using the old TLS version and Cipher.

    The log message at the FTPS server is:

    Ensure that client is using ssl_tlsv2 and any of the following ciphers: [TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, TLS_RSA_WITH_NULL_SHA, TLS_ECDHE_RSA_WITH_NULL_SHA, TLS_RSA_WITH_NULL_SHA, TLS_RSA_WITH_NULL_MD5].

    How to check what TLS version is and cipher method is used in PI and how to change them?

    I found out that ssl_tlsv2 means a context protocol which supports: TLSv1.2, TLSv1.1, TLSv1.0 and SSLv3

    PI has sent SSL using version 3.1 (I think SSLv3.1 means TLSv1.0), since TLS1.0 is supported in ssl_tlsv2, that means we need to check on the cipher mode?

    Regards,

    Suwandi C.

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Nov 17, 2015 at 03:32 AM

    Hi Experts,

    Thank you for the reply.

    as I recall, that the FTPS receiver channel works fine, the one with issue is the FTPS sender channel.

    If the FTPS server vendor said that the issue is at the cipher version mismatch between SAP PI and their FTPS server, then why does the FTPS receiver channel works? I guess there would still be a SSL/TLS handshake and security negotiation going on in the FTPS receiver channel. CMIIW.

    Regards,

    Suwandi C.

    Add a comment
    10|10000 characters needed characters exceeded

  • Posted on Nov 17, 2015 at 06:49 AM

    Hi Experts,

    I've found out from the trace file that if I put a name in the file name, something like: 'Filename*' then the connection is in error at the LIST command. But, if I put just '*' (asterisk) in the file name, then the LIST command is successful and we can continue to retrieve the files.

    The problem is by putting asterisk (*) in the file name parameter, then the channel will pick all files, but I may not pick all files.

    Has someone experience this? Is there any other way to limit files picking in FTP sender channel other than setting it in the filename?

    Regards,

    Suwandi C.

    Add a comment
    10|10000 characters needed characters exceeded

Before answering

You should only submit an answer when you are proposing a solution to the poster's problem. If you want the poster to clarify the question or provide more information, please leave a comment instead, requesting additional details. When answering, please include specifics, such as step-by-step instructions, context for the solution, and links to useful resources. Also, please make sure that you answer complies with our Rules of Engagement.
You must be Logged in to submit an answer.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MB each and 10.5 MB total.