FileZilla gives an error: Status: Connection attempt failed with "ECONNREFUSED - Connection refused by server". Error: Could not connect to serversystemctl gives: (?@?) [ERROR] TLS [/etc/ssl/private/pure-ftpd.pem](317): error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatchPresumably the latest cert renewal has gone wrong. The last renewal was 16 Oct. I think this was the first renewal since the server was rebuilt with Debian 10. I don't think I have had any reason to use FTP since then. Plain FTP works OK when I disable TLS. How can I recover from this?
Have you tried renewing the certificate and restarting pure-ftpd? You have to renew pem and key file. Seems only key file was renewed and now they don't match. Anyway: Latest version of filezilla seems to have some problems with pure-ftpd. Can you use a modern protocol instead? SFTP? Edit: To update pem file use: cat /etc/letsencrypt/live/mydomain.com/privkey.pem /etc/letsencrypt/live/mydomain.com/fullchain.pem > /etc/ssl/private/pure-ftpd.pem
That fixed it, thank you. I've checked the installation against Ahrasis's tutorial and everything seems ok. I'll have to see what happens on Dec 16 when the certs renew. Filezill has SFTP, is that not good?
SFTP is not FTP, its SSH and provided by sshd and not pure-ftpd, so you need an ssh user to use it and not an FTP user.
