proftpd TLS for all virtual hosts?

Discussion in 'Installation/Configuration' started by pootle, Feb 24, 2007.

  1. pootle

    pootle New Member

    Is it possible to setup proftpd so that when ISPconfig create the virtual host it inherits the TLS settings?

    I've set proftpd up to work with TLS but as soon as a virtual host is added it breaks the security as its not got a TLS config in it. How do you make it inherit the settings? If there and option in ISPConfig..
    I've drunk a lot of coffee today so I might not be makin sense but I could do with some help here.
  2. pootle

    pootle New Member

    I'm not sure its right but I think i've sorted this out.

    in proftpd i added this (after compiling proftpd with tls support).

    <IfModule mod_tls.c>
    TLSEngine on
    TLSLog /var/log/proftpd/proftpd_tls.log
    #TLSProtocol TLSv1
    TLSProtocol SSLv23
    TLSRequired on
    TLSVerifyClient off
    TLSRSACertificateFile /etc/ssl_proftp/ftptls.cert
    TLSRSACertificateKeyFile /etc/ssl_proftp/ftptls.key
    I'm not sure if its right as if a user logs into their domain they'd get the master sight certificate of so the common names wouldn't match I know for https this is an issue but im not sure if ftp clients check to that level of detail. It works for me non the less as all child virtual hosts inherit this so it does work just maybe breaks the rule of security :)
  3. falko

    falko Super Moderator ISPConfig Developer

    If you like you can modify the proftpd_ispconfig.conf master template in /root/ispconfig/isp/conf/.

Share This Page