TLS - FileZilla Server 1.2.0
Moderator: Project members
-
- 504 Command not implemented
- Posts: 11
- Joined: 2022-01-06 07:43
- First name: Nastasia
- Last name: Potts
TLS - FileZilla Server 1.2.0
Hi,
I could really use some help, I'm trying to set up Filezilla 1.2.0, and I have some trouble setting the server to be TLS encrypted.
I tested with plain FTP on port 21 and it was working. Then I added my certificate and I tried with the settings in the picture "port 21 - Require explicit FTP over TLS".
I also tried with port 990 and implicit FTP and it’s still not working. However, it was working with port 990 and implicit FTP with the auto-signed certificate.
Futhermore, I don't know why Filezilla service is constantly turning off.
I could really use some help, I'm trying to set up Filezilla 1.2.0, and I have some trouble setting the server to be TLS encrypted.
I tested with plain FTP on port 21 and it was working. Then I added my certificate and I tried with the settings in the picture "port 21 - Require explicit FTP over TLS".
I also tried with port 990 and implicit FTP and it’s still not working. However, it was working with port 990 and implicit FTP with the auto-signed certificate.
Futhermore, I don't know why Filezilla service is constantly turning off.
- Attachments
-
- Imacge.jpg (65.05 KiB) Viewed 4167 times
Re: TLS - FileZilla Server 1.2.0
What does it say in the log if you try to use FTP over TLS?
-
- 504 Command not implemented
- Posts: 11
- Joined: 2022-01-06 07:43
- First name: Nastasia
- Last name: Potts
Re: TLS - FileZilla Server 1.2.0
Thanks for answering so quickly. When I try to log in on ftps://ftp.xx.com with port 990 I received "Error GnuTLS - 15:An unexpected TLS packet was received" when it's configure with Require explicit FTP over TLS because when I try on port 990 with Implicit FTP over TLS I received "Impossible to establish a connexion "
Re: TLS - FileZilla Server 1.2.0
To clear up some confusion: port 990 is strictly for Implicit FTP over TLS (which is not standardized and thus not recommended). The preferred and recommended Explicit FTP over TLS connect to port 21 (by default, at least).
Not all servers support Implicit FTPS and the ones that do not have that port closed.
Not all servers support Implicit FTPS and the ones that do not have that port closed.
No support requests over PM! You will NOT get any reply!!!
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
-
- 504 Command not implemented
- Posts: 11
- Joined: 2022-01-06 07:43
- First name: Nastasia
- Last name: Potts
Re: TLS - FileZilla Server 1.2.0
Thanks for the explanation. So I should configure Explicit FTP over TLS and connect to port 21, but I still received the same error : "Error GnuTLS - 15:An unexpected TLS packet was received"
Re: TLS - FileZilla Server 1.2.0
What FTP client do you use?
No support requests over PM! You will NOT get any reply!!!
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
-
- 504 Command not implemented
- Posts: 11
- Joined: 2022-01-06 07:43
- First name: Nastasia
- Last name: Potts
Re: TLS - FileZilla Server 1.2.0
I use FileZilla as FTP client. I did try to put on TLS options for the certificate
Re: TLS - FileZilla Server 1.2.0
You have provided a key (GoDaddy2019.key) and a cert. What concerns me is that the key is named GoDaddy2019, yet the cert is valid from 2021 to 2022. The certificate and key specified must match (be from the same CSR). Could you have accidentally have selected a defunct key as "Private key file"?
No support requests over PM! You will NOT get any reply!!!
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
-
- 504 Command not implemented
- Posts: 11
- Joined: 2022-01-06 07:43
- First name: Nastasia
- Last name: Potts
Re: TLS - FileZilla Server 1.2.0
No,I think they match. I only have those files.
Re: TLS - FileZilla Server 1.2.0
What format is the keyfile in? In needs to be in PEM.
-
- 504 Command not implemented
- Posts: 11
- Joined: 2022-01-06 07:43
- First name: Nastasia
- Last name: Potts
Re: TLS - FileZilla Server 1.2.0
The keyfile was .key and I used .pem for the certificate. Should I use .pem as keyfile and .cert as certificate ?
Re: TLS - FileZilla Server 1.2.0
For what I know, both must be in PEM. Note that we refer to the internal format of the file, not merely the file extension. So, no matter if the key file ends in .key, .pem, or .bupkis, its internal format must be PEM. If it's in another format, currently, like PKCS, you need to convert it.
No support requests over PM! You will NOT get any reply!!!
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
FTP connection problems? Please read Network Configuration.
FileZilla connection test: https://filezilla-project.org/conntest.php
FileZilla Pro support: https://customerforum.fileZilla-project.org
-
- 504 Command not implemented
- Posts: 11
- Joined: 2022-01-06 07:43
- First name: Nastasia
- Last name: Potts
Re: TLS - FileZilla Server 1.2.0
I converted both in PEM and I still having the same issue.
Re: TLS - FileZilla Server 1.2.0
Please post a log from both the client and the server showing a connection attempt.
-
- 500 Command not understood
- Posts: 2
- Joined: 2022-01-12 05:01
- First name: Andy
- Last name: Wylde
Re: TLS - FileZilla Server 1.2.0
I am having the same issue with TLS and Filezilla. I have used FileZilla in the past with vsftp without issue. But had a new computer, downloaded lastest version and it fails. I've gone through several articles with suggested fixes but they usually deal with the failure to make a TLS connection, rather than making a connection and then bailing. I tried all the suggestions in any case but they didn't help. I have tried this with both a self-signed certificate and a commercial certificate (and matching key). It makes the TLS connection but then gets this error. Have no idea what it means or why.
From the client:
Status: Connecting to (removed for post):21...
Status: Connection established, waiting for welcome message...
Response: 220 (vsFTPd 3.0.3)
Command: AUTH TLS
Response: 234 Proceed with negotiation.
Status: Initializing TLS...
Status: TLS connection established.
Command: USER fourclarks
Response: 331 Please specify the password.
Command: PASS ************
Error: GnuTLS error -15 in gnutls_record_recv: An unexpected TLS packet was received.
Error: Could not read from socket: ECONNABORTED - Connection aborted
Error: Could not connect to server
From the Server (vsftpd.log):
Tue Jan 11 21:53:42 2022 [pid 27024] CONNECT: Client "::ffff: (removed for post)"
Tue Jan 11 21:53:51 2022 [pid 27018] [fourclarks] OK LOGIN: Client "::ffff: (removed for post)"
Tue Jan 11 21:53:56 2022 [pid 27034] CONNECT: Client "::ffff: (removed for post)"
Tue Jan 11 21:53:56 2022 [pid 27033] [fourclarks] OK LOGIN: Client "::ffff: (removed for post)"
Not much to go on ....... I can make you an account on the server if you want so you can try it yourself.
Andy
From the client:
Status: Connecting to (removed for post):21...
Status: Connection established, waiting for welcome message...
Response: 220 (vsFTPd 3.0.3)
Command: AUTH TLS
Response: 234 Proceed with negotiation.
Status: Initializing TLS...
Status: TLS connection established.
Command: USER fourclarks
Response: 331 Please specify the password.
Command: PASS ************
Error: GnuTLS error -15 in gnutls_record_recv: An unexpected TLS packet was received.
Error: Could not read from socket: ECONNABORTED - Connection aborted
Error: Could not connect to server
From the Server (vsftpd.log):
Tue Jan 11 21:53:42 2022 [pid 27024] CONNECT: Client "::ffff: (removed for post)"
Tue Jan 11 21:53:51 2022 [pid 27018] [fourclarks] OK LOGIN: Client "::ffff: (removed for post)"
Tue Jan 11 21:53:56 2022 [pid 27034] CONNECT: Client "::ffff: (removed for post)"
Tue Jan 11 21:53:56 2022 [pid 27033] [fourclarks] OK LOGIN: Client "::ffff: (removed for post)"
Not much to go on ....... I can make you an account on the server if you want so you can try it yourself.
Andy