FTP Server with TLS Support from Let's Encrypt

I decided to upgrade the security level on one of my FTP servers running under ISPConfig 3. The server has been running nicely in plain (unsecured) mode for years. I changed the configuration to turn on the SSL switch, and the Let's Encrypt switch. The Let's Encrypt log shows the certificate as having been generated, but the FTP server configuration doesn't seem to have been changed. Testing with an FTP client (FileZilla) from a remote site shows as neither AUTH TLS nor AUTH SSL being supported, so it falls back to an unsecured connection.
I've likely missed something somewhere, so I'd appreciate a pointer in the right direction. I have not touched the vhost file for the site, leaving that up to ISPConfig to play with.
Cheers
Norm

 

This is to enable LE SSL for website so it does not secure the ftp access at all, consequently, filezilla is right not to detect AUTH TLS / SSL if you are connecting ftp via the website domain.

ISPConfig supports secured ftp using LE SSL via your server hostname FQDN only, so if your ISConfig UI is secured with it you can try secured ftp access using that FQDN because it is by default extended to all other services in that ISPConfig server.

 

Okay, thanks for the explanation, however it then raises the question -- how would I achieve what I am looking to do, namely secure one FTP virtual site, preferably with Let's Encrypt so I don't have to spend tons of money on a certificate I won't use much. I can't open access to my entire ISPConfig server as there are a number of virtual sites on it and I have no intention of opening it up to attack.

 

In your web site's settings, you should use chrooted / jailed option so that any ftp user created under it will be limited to that site only. That is how one limits ftp access in ISPConfig server.

Then, using ISPConfig server FQDN is for one to access its ftp service securely since it has been setup LE SSL certs. Otherwise, you ftp access won't be secured.