[BlueOnyx:05774] Re: http://bugs.proftpd.org/show_bug.cgi?id=3521
Michael Stauber
mstauber at blueonyx.it
Thu Nov 11 08:37:19 -05 2010
Hi Chris,
> This looks pretty good. I think the idea of FTP over SSL is great. Is
> a separate SSL certificate required, or is the "default" BX cert used?
It uses the same automatically created certificate that Dovecot uses.
See /etc/proftpd.conf:
# TLS
<IfModule mod_tls.c>
TLSEngine on
TLSLog /var/log/proftpd/tls.log
TLSRequired off
TLSRSACertificateFile /etc/pki/dovecot/certs/dovecot.pem
TLSRSACertificateKeyFile /etc/pki/dovecot/private/dovecot.pem
TLSVerifyClient off
TLSOptions NoCertRequest
TLSRenegotiate required off
</IfModule>
Of course the drawback is that anyone using FTP over SSL will get a
certificate warning, saying that this certificate is self signed.
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list