search for: rsa_cert_fil

vsftpd-2.0.1-5 I am trying to get vsftpd to start with ssl_enabled=yes and not having much success. The config file works when ssl_enabled=No and does not work when ssl_enabled=Yes. I have tried setting the following: rsa_cert_file=/usr/share/ssl/certs/inet06cert.pem which is the public certificate and this: rsa_cert_file=/usr/share/ssl/private/inet06key.pem which is the server private key. Both these are in use by the apache web server as : SSLCertificateFile /usr/share/ssl/certs/inet06cert.pem and SSLCertificateKey...

I have a new CentOS 7.4 (recently upgraded to 7.5) system that I have been struggling with in configuring vsftpd for FTPS Implicit (port 990). (The latest instructions I've used are at: https://www.unixmen.com/configure-vsftpd-ssltls-centos-7/) Using Filezilla client, I get: Error: GnuTLS error -15: An unexpected TLS packet was received. Error: Could not connect to

...pment server. Internally, we access it with regular FTP (we use DreamWeaver 8). In the references i saw, i'd just add the following lines and it is supposed to work: ssl_enable=YES allow_anon_ssl=NO force_local_data_ssl=NO force_local_logins_ssl=NO ssl_tlsv1=YES ssl_sslv2=YES ssl_sslv3=NO rsa_cert_file=/etc/vsftpd/vsftpd.pem Here are the previous lines in my vsftpd config: anonymous_enable=YES local_enable=YES write_enable=YES local_umask=022 dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES xferlog_std_format=YES chroot_local_user=YES chroot_list_enable=YES chroot_list_file=...

...with a bandwidth exceeded warning, so I guess it must be quite popular. I'm using LetsEncrypt certificates. My site domain is replaced with example.com. Use your own domain name there as registered with LetsEncrypt. # see # http://beginlinux.com/blog/2009/01/secure-ftp-with-ssl-on-centos/ rsa_cert_file=/etc/letsencrypt/live/example.com/fullchain.pem rsa_private_key_file=/etc/letsencrypt/live/example.com/privkey.pem ssl_enable=YES force_local_logins_ssl=NO force_local_data_ssl=NO ssl_tlsv1=YES ssl_sslv2=YES ssl_sslv3=YES # limit pasv ports to range that iptables can check pasv_min_port=6900 pasv...

...ers=YES ssl_enable=YES implicit_ssl=yes <--- tried with and without this and the port 21 below listen_port=21 <-- see above allow_anon_ssl=NO force_local_data_ssl=NO <-- set this to yes so I can still test normal functions force_local_logins_ssl=NO ssl_tlsv1=YES ssl_sslv2=NO ssl_sslv3=NO rsa_cert_file=/etc/pki/tls/certs/vsftpd.pem ssl_ciphers=HIGH <-- this was added as I was using filezilla and it wanted different ciphers. without this it would have a tls fatal error, adding this absolved that issue. Now I have tried playing with the settings and in all cases when it can connect it dies...

...# Make sure, that one of the listen options is commented !! #listen_ipv6=YES pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES ###added for TLSand SSL permission ssl_enable=YES allow_anon_ssl=NO force_local_data_ssl=NO force_local_logins_ssl=YES ssl_tlsv1=YES ssl_sslv2=YES ssl_sslv3=YES rsa_cert_file=/etc/vsftpd/vsftpd.pem rsa_private_key_file=/etc/vsftpd/vsftpd.pem local_root=/var/ftp #userlist_file=/etc/vsftpd/ftpusers userlist_file=/etc/vsftpd/ftpusers #userlist_file=/etc/vsftpd/user_list pasv_enable=YES anon_max_rate=10485760 local_max_rate=0 max_clients=500 max_per_ip=4 passwd_chroot_enab...

...=http-3A__beginlinux.com_blog_2009_01_secure-2Dftp-2Dwith-2Dssl-2Don-2Dcentos_&d=DwICAg&c=laxeQK7vPmHfouIIPNyCfbQd49eK3u00U8Jdo0RFvts&r=EOaM1MkMLG24_TOy4m7EdDoX0CP9-c0YJ2kTdeagcqQ&m=pOhXDNk2HbQgZLcLf-QR_SwfNLQr4nYWByJ7xBAEhzo&s=BtdOGrSrWbyXnhcXRGrpjCnjzIHLoKYhtVyCn7OhEWQ&e= rsa_cert_file=/etc/letsencrypt/live/example.com/fullchain.pem rsa_private_key_file=/etc/letsencrypt/live/example.com/privkey.pem ssl_enable=YES force_local_logins_ssl=NO force_local_data_ssl=NO ssl_tlsv1=YES ssl_sslv2=YES ssl_sslv3=YES # limit pasv ports to range that iptables can check pasv_min_port=6900 pasv...