Commercial Certificates are not supported
Posted: 2009-02-25 23:46
I've spent quite a bit of time today trying to get a commercial certificate working with FileZilla, only to conclude that FileZilla doesn't support such certificates. When you think about it, it's pretty obvioius. The interface provides only for a single certificate and private key. Obviously, all commercial certificates require a CA certificate at least.
You can add the CA and Intermediate certificates to the certificate file but FileZilla will just ignore them. You can have as many Intermediate and CA certificates in the certificate file as you like but unless the FQDN Certificate is first in the file, FileZilla won't load the certificate.
I have just noticed that the latest FileZilla Client, 3.2.2.1, implicitly acknowledges this limitation by no longer displaying an error message that appeared in 2.2.18 - "The error occured [sic] at a depth of 1 in the certificate chain". Instead, it simply shows the certificate details to the user and asks them whether or not to accept it.
So, after hours of trying to get a commercial certificate to work, I've given up and gone for a self-signed one. Luckily I was using a 30 day trial one from Comodo.
BTW, I don't intend for this to be a negative post. I think FileZilla is great. I just thought I'd save anyone thinking about using a commercial certificate a lot of time!
Of course, if anyone has got a commercial certificate to work then please let me know!
You can add the CA and Intermediate certificates to the certificate file but FileZilla will just ignore them. You can have as many Intermediate and CA certificates in the certificate file as you like but unless the FQDN Certificate is first in the file, FileZilla won't load the certificate.
I have just noticed that the latest FileZilla Client, 3.2.2.1, implicitly acknowledges this limitation by no longer displaying an error message that appeared in 2.2.18 - "The error occured [sic] at a depth of 1 in the certificate chain". Instead, it simply shows the certificate details to the user and asks them whether or not to accept it.
So, after hours of trying to get a commercial certificate to work, I've given up and gone for a self-signed one. Luckily I was using a 30 day trial one from Comodo.
BTW, I don't intend for this to be a negative post. I think FileZilla is great. I just thought I'd save anyone thinking about using a commercial certificate a lot of time!
Of course, if anyone has got a commercial certificate to work then please let me know!