Hello to all, I have configured a new server based on debian 11 bullseye with ISPConfig 3.2.7p1 Everything is working fine. However after installation, there is a problem with ftp connection on the sites due to a certificate problem. "The server certificate is unknown ..." #///////////////////// I followed the procedure "Perfect Server Automated ISPConfig 3 Installation on Debian 10 - 11 and Ubuntu 20.04" ( howtoforge(.)com/ispconfig-autoinstall-debian-ubuntu/ ) Then cd /tmp wget ... ISPConfig-3-stable.tar.gz tar xfz ISPConfig-3-stable.tar.gz cd ispconfig3_install/install/ php -q update.php in order to install an ssh key.
By default only if you connect to server hostname fqdn would ISPConfig covered by default but connecting with any other websites domain name would not. So did you connect through the former or the latter?
Seems as if you mix up SSH (SFTP) and FTP (FTPS) here. SSH keys are used by SSH only, FTP uses SSL, and a Let's Encrypt SSL cert is installed by running the auto-installer, no ISPConfig update is needed (at least unless you missed configuring a proper server hostname first).
It seems so ! #NoobInProgress I have configured the host as follows 127.0.0.1 localhost.localdomain localhost ::1 localhost ip6-localhost ip6-loopback ff02::1 ip6-allnodes ff02::2 ip6-allrouters 127.0.1.1 server.mydomain.com ServerName 127.0.1.1 ServerName ServerName I can connect to the Ispconfig interface, create the FTP user, but cannot connect in FTP with Filezilla. This could be due to a wrong configuration of the host file before installation ?
The hostname must be configured as DNS A-Record in the DNS servers that are authoritative (responsible) for that zone, the local /etc/hosts file of the server does not matter for that as let's encrypt will only issue a valid cert if the external DNS is set up properly before you install ISPConfig (or before you run an update to recreate the SSL certificate). Take care that you use FTPS in FileZilla as connection method and not SFTP. SFTP is not FTP, it is SSH.
After clean re-install of debian 11 and ispconfig with the perfect server script. (without update) No errors reported - client creation - ftp user creation In Filezilla same configuration as this one I try in Forklift 3 too address provided by OVH impossible to connect. server certificat unknow ... I am following the same FTP process as on another OVH dedicated server for which ispconfig was installed automatically at the install. There is something I don't understand!
The LE SSL certs used is under your server fqdn thus your ip or any other sites domain in the server, is not included. Meaning you should connect only to e.g. example.server.tld if that is your server fqdn.
Thank's @ahrasis It seems to me that this is what I did. ( but I may have misunderstood ) I am using the same address: example.myserver.com as the one I used to log in to the ispconfig interface ( example.myserver.com:8080 ) On my old server I use the IP address and it works. Here nothing goes. neither in FTP, nor in FTP TLS ... I am blocked by an unrecognized certificate. I don't understand. #TooNoob
Using an IP must produce a ssl cert error on any system, so you probably did not use SSL/TLS on your old system then. If you use FTP without TLS, then an SSL cert can not block you. Try using FTP without TLS and then post the exact errors that FileZilla showed in the connect log window. Maybe you just use a wrong username (you must use the username incl prefix (e.g. c1test where c1 is the prefix and test the username) as shown in the FTP user list in ISPConfig.
From the images you provided, it shows that you are connecting using some IP and not your server FQDN. In any event, check what is advised by @till above.
Thanks for your patience Simple FTP configuration user and password ok, server address verified here is what the filezilla console says : Code: Status: Resolving address of xxxx.yyyyy.net Status: Connecting to 00.00.00.00:21... Status: Connection established, waiting for welcome message... Status: Plain FTP is insecure. Please switch to FTP over TLS. o_O Status: Logged in Status: Retrieving directory listing... Command: PWD Response: 257 "/" is your current location Command: TYPE I Response: 200 TYPE is now 8-bit binary Command: PASV Response: 227 Entering Passive Mode (54,39,104,64,174,94) Command: MLSD Error: Connection timed out after 20 seconds of inactivity Error: Failed to retrieve directory listing
You closed the passive port range of your FTP server in a firewall, that#s why it fails when switching to passive mode. See: https://www.faqforge.com/linux/cont...ange-in-pure-ftpd-on-debian-and-ubuntu-linux/