FTPS publish in Visual Studio fails, results in "Secure connection was closed by the remote connection end."

Question

I have an ASP.NET website that is hosted on a client's web-server, which I used to be able to publish directly from Visual Studio with Web One Click Publish. The connection was made over FTPS, so would connect to the server's IP address on port 21; i.e. ftps://101.102.103.104:21.

However, after a recent update to the SSL cert on the server, I can no longer publish to the server from VS - I get the error below when testing the connection or attempting to publish the files:

The workaround I've got is to publish to a local folder and then connect with FileZilla to push the files up. The credentials I use are the same in FileZilla, and that doesn't have any issues with making the connection or uploading the files. So there appears to be an issue with Visual Studio publishing over FTPS with this new cert in place.

One initial difference I noticed with deploying via FileZilla was that upon initial connection, I would get a warning about the certificate mismatching the site name - but that was only when connecting by IP address. If I used the server name (which has the same domain as the wildcard cert on the server), it didn't display that certificate popup. Unfortunately, using the server-name in the VS publish settings still gave the same error.

While I was grasping at straws for a fix, I tried connecting on port 990 to see if I could use implicit SSL (a few articles mentioned this as an option), but this didn't work - I'm not sure if that port is blocked at the firewall or if there's just no service listening, but I can't telnet to the server on port 990.

I don't believe this is a limitation of Visual Studio as it was working before. Possibly our IT guys made some server-config changes at the same time as they applied the certificate? Has anyone else encountered this and were you able to resolve the issue?

Answer 1

So after some further digging, I found a Visual Studio problem ticket from January 2018 that indicates FTP publishing doesn't support TLS 1.2:

https://developercommunity.visualstudio.com/content/problem/190065/unable-to-publish-web-app-via-ftp-over-tls-1112.html

From checking the FTP connection to the web-server from FileZilla, it appears this requires a TLS1.2 connection. Therefore I assume that when the new certificate was applied, the TLS1.0 protocol was disabled on the server by IT, and that led to the FTP connection failing.

Hopefully if anyone else runs into this issue, they'll benefit from the knowledge that TLS1.2 is not currently supported in Visual Studio FTP publish (as at version 15.7.4).

UPDATE:

Can confirm that Visual Studio 2019 (v16.1.1) does support FTPS publishing using TLS1.2