Add SSL/TLS support to proftpd

To enable SSL/TLS support in proftpd, add the following to the proftpd.conf file:

<IfModule mod_tls.c>
    TLSEngine on
    TLSLog /var/ftpd/tls.log
    TLSRequired off
    TLSRSACertificateFile /usr/share/ssl/certs/server.crt
    TLSRSACertificateKeyFile /usr/share/ssl/private/server.key
    TLSCACertificateFile /usr/share/ssl/certs/cacert.crt
    TLSVerifyClient off
    TLSRenegotiate required off
</IfModule>

To require SSL/TLS on all connections, change TLSRequired to on. Of course, replace the certificate, key, and CA certificate (if applicable) to the correct files on your system.

Once you're all done, close your FTP connection and make a new one. There is no need to restart xinetd.

This entry was posted on 16/05/2007 (Wednesday) at 7:45 pm and is filed under Uncategorized. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.
Printed from: http://rackerhacker.com/2007/05/16/add-ssltls-support-to-proftpd/ .
© Major Hayden 2012.

Leave a Reply

 

  • Welcome! I started this blog as a way to give back to all of the other system administrators who have taught me something in the past. Writing these posts brings me a lot of enjoyment and I hope you find the information useful. If you spot something that's incorrect or confusing, please write a comment and let me know. Drop me a line if there's something you want to know more about and I'll do my best to write a post on the topic.
    -- Major Hayden

    Flattr this