Hi, Trying to get TLS working on FTP. I'm using Debian/Wheezy Perfect Server with pure-ftp running on one server box. Have a class 2 certificate installed, also I can say that /etc/pure-ftp/conf/TLS has a value of 1. I'm using coreftp because filezilla seems to have gone downhill and have selected AUTHTLS, it is on port 21, and in passive mode. There are several boxes under SSL options but I've just left the defaults. In ISPConfig both the client and the site have SSL checked. Maybe this isn't suppose to work with this setup and I should be using winSCP instead. Thank you for any assistance.
FTP with tls works out of the box in the wheezy perfect setup. the settings of the client and site do not matter for tls in ftp, only the settings in the pzre-ftpd config files are relevant. The ssl cert that you get after following the perfect setup guide is a self signed ssl cert. In this guide is described how to install a officially signed ssl cert for all services incl. pure-ftpd. the guide is for startssl but works as well for any other ssl authority. http://www.howtoforge.com/securing-...h-a-free-class1-ssl-certificate-from-startssl
Thank you Till for your reply. Yes, I followed that how-to and installed a StartSSL class2 certificated March of 2013 when I was on Perfect Server Debian Squeeze. Since then I went to Wheezy and just today ran apt-get upgrade and update and installed the latest version of ISPConfig 3.0.5.3. When it asked me to create a self-signed certificate I answered 'NO'. I also updated dovecot.conf and ispconfig.vhost with 1 line each as directed. With all these updates I must have taken a wrong turn somewhere. Do I follow the certificate guide again and retrace my steps?
Thanks for your help again. Went through StartSSL certificate how-to but couldn't find anything wrong. I'm using the same key I used when I applied for the certificate. At that time I was on Squeeze. Does changing to Wheezy affect the key at all? The only other thing is that ispserver.pem has owner root and group ispconfig, and its link pure-ftpd.pem in /etc/ssl/private/ has both owner and group as root if that makes a difference. Another thing in coreftp I changed the host to my actual server host name and got an real error message: It opens a connection to my router but not the computer making the request?
