Troubleshooting Cipher Issues

Many error messages in third party apps related to encryption, ciphers, etc. will go away by upgrading the version of the app. We always recommend upgrading to the latest and greatest because it often brings security and speed benefits.

This is especially true if it prevents you from needing to enable our insecure ciphers setting, which insecure.

CuteFTP "Error in negotiating SSL connection"

CuteFTP versions prior to 9.2.0 do not support the ciphers needed for to operate securely. Suggest upgrading CuteFTP 9.2.0 or later, which fully supports secure encryption.

CuteFTP versions below 9.2.0 can only be supported using insecure ciphers.

Failed SSH Key Exchange or Bad server public DH value error using Ipswitch WS_FTP or MoveIt

WS_FTP versions prior to 12.6 and MoveIt versions prior to do not support the ciphers needed for to operate securely.

If they have already upgraded, and are still receiving key exchange errors, note that there is a known issue with upgrading previous versions of WS_FTP Professional to 12.6 where the ssh-algos.txt file is not updated with the following ssh-kex: diffie-hellman-group-exchange-sha256.

Users can manually add this to the ssh-algos.txt file located at: C:\Users\<user>\AppData\Roaming\Ipswitch\WS_FTP to resolve this.

Errors connecting to REST API with .NET (e.g. "An unexpected error occurred on a send")

Microsoft .NET versions below 4.5 don't work natively with secure ciphers.

For .NET 4.5., TLS 1.2 is supported, but it’s not a default protocol. You need to opt-in to use it. The following code will make TLS 1.2 default - make sure to execute it before making a connection to secured resource: ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12

For .NET 4.0., TLS 1.2 is not supported. Upgrade your application to more recent version of the framework.

If you are unable to upgrade your .NET application, you will need to use the Insecure Ciphers capability of

Get Instant Access to

The button below will take you to our Free Trial signup page. Click on the white "Start My Free Trial" button, then fill out the short form on the next page. Your account will be activated instantly. You can dive in and start yourself or let us help. The choice is yours.

Start My Free Trial

©2024 All right reserved


  • Start My Free Trial
  • Pricing
  • Docs
  • API and SDKs
  • Contact


(800) 286-8372


9am–8pm Eastern