Hello, we have an ISPConfig 3 server setup including the PureFTPd MySQL service. Our TLS certificate is about to expire and we decided to change the CA at the same time. Every other service (Apache, email etc) migrated to the new certificate successfully, but PureFTP did not. I replaced the contents of the /etc/ssl/private/pure-ftpd.pem with the new certificate and bundle (actually the pure-ftpd.pem is a symlink to /usr/local/ispconfig/interface/ssl/ispserver.crt). After restarting PureFTPd (/etc/init.d/pure-ftpd-mysql restart) the old certificate is still offered to clients connecting via FTP. Any suggestions? Thanks
Only thing i can think of is you need both private and public key in the same file so your symlink sounds incorrect.
Tack and thanks for the suggestion. It seems that you are correct, the file should include the key too - I don't remember that had I or had I not included it in the old file, I should check my backups. Alas, it still has no effect. I then stopped the pure-ftpd-mysql -service, tried to connect and it connects (with the old certificate). I checked via Code: lsof -i that pure-ftpd (without -mysql) is still running. I tried both Code: service pure-ftpd restart and Code: /etc/init.d/pure-ftpd restart , but neither commands are found.
Hello, yesterday I had to restart the whole server and PureFTPd now uses the new certificate. I'm fairly sure that the PureFTPd restart commands are wrong, but I can't find the right ones. Luckily the new certificate is valid for three years