Knowledge Base

Enter search queries below or use the tag links to the right to browse the knowledge base by category (Show All Tags).

Server is changing its SSL certificate or SSH host key

Every time you connect to a secure server, the server sends the fingerprint for the server's SSH host key (if it is an SFTP server) or the host certificate (if it is an FTPS server).

You must accept this certificate / fingerprint before the connection can continue.

Robo-FTP offers the ability to store this information. Then, on subsequent connection attempts, it compares what the server sends down on the current attempt and accepts it automatically as long as it matches what it received previously.

This is a security feature that helps prevent what are commonly known as "man in the middle" attacks.

If the server changes its SSL certificate or SSH host key, you may need to take steps to enable Robo-FTP to continue connecting to this server.

If you are connecting to an FTPS server and the certificate they are using is trusted by Microsoft, you will not need to do anything. Robo-FTP will accept it automatically.

Otherwise, once the certificate or key has been changed you can take the following steps to accept the new key or certificate. This process applies to Robo-FTP version 3.10.x or later. The process may vary for older or newer versions of the software.

Connect to the site with the Robo-FTP Configurator by navigating to the Manage Sites tab, selecting the relevant site, and clicking the Edit button. You should then click the Test button.

The software will display a pop-up message with information about the key or certificate and give you an opportunity to accept and store it for future connections.

Article last updated: 2021-01-22

Tags: Robo-FTP, FTPS, SFTP, Certificate, server certificate, SSH host key