FileZilla Forums

I have two VMs set up using the same version of FileZilla Server (0.9.13b). On ServerA I seem to have no issues when connecting with TLS. On ServerB (a new one I have created) I have an issue connecting using the same client with the same settings...

GnuTLS error -8: A packet with illegal or unsupported version was received.

Is there something I need to do on the server itself to support other TLS versions like TLS 1.2?

You absolutely must update those servers. Cheesus fucking crust that's antique....

LOL I'm trying to but there were features taking out of the newer versions that are no longer available to me in the newer versions. I would love to update so bad. But as old as that version is and as much as I would like to update it, the issue I'm experiencing is not related to the age of the version of Filezilla server I'm running. Like I said, it works fine with no issues on another server. I'm just trying to figure out what is different on the Windows Server 2019 boxes that would allow one to use TLS 1.2 and one to only use TLS 1.0.

To ask a more pointed question...

FileZilla Server 0.9.13b beta does support TLS 1.2 correct?

No. TLS 1.2 support was added in 0.9.43, according to version history.

https://filezilla-project.org/versions.php?type=server

Thanks boco! Then at this point I'm really confused. LOL

I have 0.9.13b beta running on a server and I have the latest version of FileZilla Client running with minimum version of TLS 1.2 required. It connects with no issues. How is that possible?

On the left is FileZilla Client FTP log (with detailed info) and on the right is the settings from FileZilla Client.


Running these same settings connecting to the second FTP server that should be 100% identical to the first (production and working as seen above) with the exception that the second (non-working) server is on a domain.

That old version does not officially and properly support TLS 1.2. However, I guess it makes no attempt to limit the upper TLS version, if the underlying OpenSSL library supports it (even if only experimental). Therefore, it negotiates whatever is supported by OpenSSL.

However, that doesn't mean it will support any of the security features of TLS 1.2 properly. Plus, it comes with a truckload of security vulnerabilities that will make grown men cry.

Official, proper TLS 1.2 awareness came with 0.9.43.

Unfortunately it looks like it might be time for me to move on from FileZilla Server. There was a small feature that is available in that "old version" (0.9.13b beta) that we have to have. In later versions the feature is now being actively blocked (for now reason other than it was not considered to ever be used by botg in the past). I have requested that this feature not be blocked and allowed but have not really heard any type of acknowledgement that it would be allowed again in the current version.

Anyway, as much as I love the FileZilla dev team and the product because of this I'm having to look for other solutions free/paid that will work for me. Thanks guys!

I realize that this is an ancient topic but I am seeing these errors in the log of the latest version:
Are they anything to be concerned of?

It's either antique clients or random garbage.

No idea which clients they use but it is like 80-90% of all connections.