FluentFTP and TLS connection to IIS fails with error 534



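We currently use the WinSCP C# library to connect to an FTP site over TLS. It works well, but we are moving to Linux containers, where WinSCP will not work. I have been trying to replicate the functionality with FluentFTP, but so far without success; the only response I seem to get from FluentFTP is: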

534 Local policy on server does not allow TLS secure connections.

Here is the WinSCP setup:

    options = new SessionOptions
    {
        FtpSecure = FtpSecure.Explicit,
        HostName = hostName,
        PortNumber = 21,
        Protocol = Protocol.Ftp,
        TlsClientCertificatePath = certificatePath,
        UserName = "anonymous",
        PrivateKeyPassphrase = certificatePassword,
        TimeoutInMilliseconds = 6000
    };
    options.AddRawSettings("FtpHost", "0");
    options.AddRawSettings("PostLoginCommands", "FEAT");

Here is the FluentFTP setup (I may have tried some extra bits):

    using (FtpClient client = new FtpClient(_config.CmosFtpUrl))
    {
        FtpTrace.EnableTracing = true;
        FtpTrace.LogToFile = "log_file.txt";
        FtpTrace.LogUserName = false;   // hide FTP user names
        FtpTrace.LogPassword = false;   // hide FTP passwords
        FtpTrace.LogIP = false;         // hide FTP server IP addresses
        client.Credentials = new System.Net.NetworkCredential("anonymous", "");
        client.ClientCertificates.Add(cert);
        client.Port = 21;
        //client.PlainTextEncryption = true;
        client.EncryptionMode = FtpEncryptionMode.Explicit;
        client.SocketKeepAlive = false;
        client.DataConnectionType = FtpDataConnectionType.PASV;
        client.DataConnectionEncryption = true;
        client.SslProtocols = SslProtocols.Tls12 | SslProtocols.Tls13 | SslProtocols.Tls11 | SslProtocols.Tls;
        client.ValidateCertificate += Client_ValidateCertificate;
        client.Host = _config.CmosFtpUrl;
        // client.SslProtocols = System.Security.Authentication.SslProtocols.None;
        client.ValidateAnyCertificate = true;
        await client.AutoConnectAsync();
        await client.ExecuteAsync("FEAT", default);
        var directory = await client.GetWorkingDirectoryAsync();
        logger.LogInformation(directory);
    }

Here is the log from WinSCP:

. 2020-01-14 13:45:56.838 Session name: anonymous@automated.cmosservice.co.uk (Ad-Hoc site)
. 2020-01-14 13:45:56.838 Host name: automated.cmosservice.co.uk (Port: 21)
. 2020-01-14 13:45:56.838 User name: anonymous (Password: No, Key file: No, Passphrase: Yes)
. 2020-01-14 13:45:56.838 Transfer Protocol: FTP
. 2020-01-14 13:45:56.838 Ping type: Dummy, Ping interval: 30 sec; Timeout: 6 sec
. 2020-01-14 13:45:56.838 Disable Nagle: No
. 2020-01-14 13:45:56.838 Proxy: None
. 2020-01-14 13:45:56.838 Send buffer: 262144
. 2020-01-14 13:45:56.838 UTF: Auto
. 2020-01-14 13:45:56.838 FTPS: Explicit TLS/SSL [Client certificate: Yes]
. 2020-01-14 13:45:56.838 FTP: Passive: Yes [Force IP: Auto]; MLSD: Auto [List all: Auto]; HOST: On
. 2020-01-14 13:45:56.838 Session reuse: Yes
. 2020-01-14 13:45:56.839 TLS/SSL versions: TLSv1.0-TLSv1.2
. 2020-01-14 13:45:56.839 Local directory: default, Remote directory: home, Update: Yes, Cache: Yes
. 2020-01-14 13:45:56.839 Cache directory changes: Yes, Permanent: Yes
. 2020-01-14 13:45:56.839 Recycle bin: Delete to: No, Overwritten to: No, Bin path: 
. 2020-01-14 13:45:56.839 Timezone offset: 0h 0m
. 2020-01-14 13:45:56.839 --------------------------------------------------------------------------
. 2020-01-14 13:45:56.856 Connecting to xxxxx ...
. 2020-01-14 13:45:56.885 Connected with xxxx, negotiating TLS connection...
< 2020-01-14 13:45:56.904 220 Microsoft FTP Service
> 2020-01-14 13:45:56.904 HOST automated.cmosservice.co.uk
< 2020-01-14 13:45:56.922 220 Host accepted.
> 2020-01-14 13:45:56.922 AUTH TLS
< 2020-01-14 13:45:56.940 234 AUTH command ok. Expecting TLS Negotiation.
. 2020-01-14 13:45:57.175 Server asks for authentication with a client certificate.
. 2020-01-14 13:45:57.283 Verifying certificate for "xxxx" with fingerprint 59:51:8b:ec:8e:49:54:7b:24:08:00:47:81:41:4d:20:5f:60:98:24 and 20 failures
. 2020-01-14 13:45:57.284 Certificate subject alternative name "xxxx" matches hostname
. 2020-01-14 13:45:57.345 Certificate verified against Windows certificate store
. 2020-01-14 13:45:57.345 Using TLSv1.2, cipher TLSv1/SSLv3: ECDHE-RSA-AES256-SHA384, 2048 bit RSA, ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
. 2020-01-14 13:45:57.346 TLS connection established. Waiting for welcome message...
> 2020-01-14 13:45:57.346 USER anonymous
< 2020-01-14 13:45:57.363 331 Anonymous access allowed, send identity (e-mail name) as password.
. 2020-01-14 13:45:57.364 Server asked for password, but we are using certificate, and no password was specified upfront, using fake password
> 2020-01-14 13:45:57.364 PASS *********
< 2020-01-14 13:45:57.383 230 User logged in.
> 2020-01-14 13:45:57.383 SYST
. 2020-01-14 13:45:57.402 The server is probably running Windows, assuming that directory listing timestamps are affected by DST.
< 2020-01-14 13:45:57.402 215 Windows_NT
> 2020-01-14 13:45:57.402 FEAT
< 2020-01-14 13:45:57.421 211-Extended features supported:
< 2020-01-14 13:45:57.421  LANG EN*
< 2020-01-14 13:45:57.421  UTF8
< 2020-01-14 13:45:57.422  AUTH TLS;TLS-C;SSL;TLS-P;
< 2020-01-14 13:45:57.422  PBSZ
< 2020-01-14 13:45:57.422  PROT C;P;
< 2020-01-14 13:45:57.422  CCC
< 2020-01-14 13:45:57.424  HOST
< 2020-01-14 13:45:57.424  SIZE
< 2020-01-14 13:45:57.424  MDTM
< 2020-01-14 13:45:57.424  REST STREAM
< 2020-01-14 13:45:57.424 211 END
> 2020-01-14 13:45:57.424 OPTS UTF8 ON
< 2020-01-14 13:45:57.444 200 OPTS UTF8 command successful - UTF8 encoding now ON.
> 2020-01-14 13:45:57.444 PBSZ 0
< 2020-01-14 13:45:57.465 200 PBSZ command successful.
> 2020-01-14 13:45:57.465 PROT P
< 2020-01-14 13:45:57.485 200 PROT command successful.
. 2020-01-14 13:45:57.487 Connected
. 2020-01-14 13:45:57.487 --------------------------------------------------------------------------
. 2020-01-14 13:45:57.487 Using FTP protocol.

The FluentFTP log looks like this:

# ConnectAsync()
Status:   Connecting to ***:21
Response: 220 Microsoft FTP Service
Status:   Detected FTP server: WindowsServerIIS
Command:  AUTH TLS
Response: 534 Local policy on server does not allow TLS secure connections.
# Dispose()
Status:   Disposing FtpClient object...
Command:  QUIT
Response: 221 Goodbye.
Status:   Disposing FtpSocketStream...
Status:   Disposing FtpSocketStream...

I am not sure why WinSCP can connect while FluentFTP gets the 534 error. I am running these locally under IIS Express for testing.

The difference is most likely caused by the HOST command that WinSCP sends.

2020-01-14 13:45:56.904 HOST automated.cmosservice.co.uk  
2020-01-14 13:45:56.922 220 Host accepted.

It looks like FluentFTP does not support it.

It might help if you enable TLS server-wide on IIS. You have probably enabled it per site only. But that is not a programming question.
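
The explanation in the answer above can be checked without either library. The following is an added example, not part of the original question or answer and not FluentFTP or WinSCP code: a plain .NET probe that sends AUTH TLS once without and once with a preceding HOST command and prints the server's replies. The class name and the command-line arguments (host, PFX path, PFX password) are assumptions.

```csharp
using System;
using System.IO;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class FtpHostProbe   // hypothetical name, added example
{
    // Reads one FTP reply; a multi-line reply ends at the line "NNN <text>".
    static string ReadReply(StreamReader reader)
    {
        string line;
        do
        {
            line = reader.ReadLine() ?? throw new IOException("Connection closed");
            Console.WriteLine("< " + line);
        } while (line.Length < 4 || !char.IsDigit(line[0]) || line[3] != ' ');
        return line;
    }
    static string Send(Stream stream, StreamReader reader, string command)
    {
        Console.WriteLine("> " + command);
        byte[] bytes = Encoding.ASCII.GetBytes(command + "\r\n");
        stream.Write(bytes, 0, bytes.Length);
        return ReadReply(reader);
    }
    // Returns the server's final reply line to AUTH TLS.
    static string Probe(string host, bool sendHost, X509Certificate2 clientCert)
    {
        using var tcp = new TcpClient(host, 21);
        NetworkStream net = tcp.GetStream();
        var reader = new StreamReader(net, Encoding.ASCII);
        ReadReply(reader);                                  // 220 greeting
        if (sendHost) Send(net, reader, "HOST " + host);    // sent before AUTH TLS, as WinSCP does
        string auth = Send(net, reader, "AUTH TLS");
        if (!auth.StartsWith("234")) return auth;           // e.g. 534: no handshake attempted
        // Default validation is kept: the server certificate must chain and match the host name.
        using var tls = new SslStream(net, leaveInnerStreamOpen: false);
        tls.AuthenticateAsClient(host, new X509CertificateCollection { clientCert }, SslProtocols.Tls12, true);
        return auth + " (handshake completed with " + tls.SslProtocol + ")";
    }
    static void Main(string[] args)   // args: host, PFX path, PFX password (assumed usage)
    {
        var cert = new X509Certificate2(args[1], args[2]);
        Console.WriteLine("without HOST: " + Probe(args[0], false, cert));
        Console.WriteLine("with HOST:    " + Probe(args[0], true, cert));
    }
}
```

A 534 reply in the first run and a 234 reply in the second would match the answer's explanation that the HOST command accounts for the difference between the two clients.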
