Troubleshooting Cipher Issues

Many error messages in third party apps related to encryption, ciphers, etc. will go away by upgrading the version of the app. We always recommend upgrading to the latest and greatest because it often brings security and speed benefits.

This is especially true if it prevents you from needing to enable our insecure ciphers setting, which insecure.

CuteFTP versions prior to 9.2.0 do not support the ciphers needed for Files.com to operate securely. Suggest upgrading CuteFTP 9.2.0 or later, which fully supports secure encryption.

CuteFTP versions below 9.2.0 can only be supported using insecure ciphers.

WS_FTP versions prior to 12.6 and MoveIt versions prior to 9.1.0.3.0 do not support the ciphers needed for Files.com to operate securely.

If they have already upgraded, and are still receiving key exchange errors, note that there is a known issue with upgrading previous versions of WS_FTP Professional to 12.6 where the ssh-algos.txt file is not updated with the following ssh-kex: diffie-hellman-group-exchange-sha256.

Users can manually add this to the ssh-algos.txt file located at: C:\Users\<user>\AppData\Roaming\Ipswitch\WS_FTP to resolve this.

Microsoft .NET versions below 4.5 don't work natively with secure ciphers.

For .NET 4.5., TLS 1.2 is supported, but it’s not a default protocol. You need to opt-in to use it. The following code will make TLS 1.2 default - make sure to execute it before making a connection to secured resource: ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12

For .NET 4.0., TLS 1.2 is not supported. Upgrade your application to more recent version of the framework.

If you are unable to upgrade your .NET application, you will need to use the Insecure Ciphers capability of Files.com.