TLS Error on FileZilla 1.2 (solved)
Posted: 2022-01-18 19:32
by CrimpOn
Please excuse my ignorance.
One of my security cameras had a firmware update and now defaults to FTP over TLS rather than plain (unencrypted) FTP.
"No problem". Port 21 clearly states it supports both TLS and plain FTP.
However, the FileZilla log shows this:
2022-01-18T19:18:33.781Z >> [FTP Session 171 192.168.1.52] AUTH TLS
2022-01-18T19:18:33.784Z << [FTP Session 171 192.168.1.52] 234 Using authentication type TLS.
2022-01-18T19:18:33.799Z !! [FTP Session 171 192.168.1.52] GnuTLS error -87: No supported cipher suites have been found.
2022-01-18T19:18:33.800Z !! [FTP Session 171 192.168.1.52] Control channel closed with error from source 0. Reason: ECONNABORTED - Connection aborted.
2022-01-18T19:18:33.800Z !! [FTP Server] Session 171 ended with error from source 0. Reason: ECONNABORTED - Connection aborted.
FileZilla is set to use the Self-Signed certificate that was generated automatically when version 1.2 was installed.
Can someone please point me toward the steps to correct my installation?
Thanks
Re: TLS Error on FileZilla 1.2
Posted: 2022-01-18 20:11
by botg
It appears your client doesn't support modern ciphers. Please update your client so that it supports the default ciphers mandated by TLS 1.2 and TLS 1.3.
Re: TLS Error on FileZilla 1.2
Posted: 2022-01-19 00:49
by CrimpOn
Thank you for the speedy response. I had already registered a complaint with the security camera tech support over changing the default to TLS.
Now I can ding them about their "Optimized FTP function" being defective in regards to TLS.
Re: TLS Error on FileZilla 1.2
Posted: 2022-01-20 19:02
by CrimpOn
The camera company suggested that I install Cerebus FTP to confirm the problem.
(anyone not happy with the FileZilla install process will not enjoy Cerebus.)
Now have FileZilla on port 21 and Cerebus on port 121. Cerebus claims to support TLS 1.2
Alas, the camera connects to Cerebus with TLS and transfers file. No errors.
(This was not what I wanted.)
Perhaps the issue is that the default FileZilla installation puts the self-signed certificate where the connection cannot find it?
I remain frustrated that the camera user interface provides a default of "plain" and instead uses TLS.
Sorry to be unable to figure this out myself.
Re: TLS Error on FileZilla 1.2
Posted: 2022-01-20 19:43
by CrimpOn
Log from failed session:
2022-01-20T19:38:51.745Z II [FTP Session 4174 192.168.1.52] Session 0x276776db040 with ID 4174 created.
2022-01-20T19:38:51.803Z >> [FTP Session 4174 192.168.1.52] AUTH TLS
2022-01-20T19:38:51.803Z DD [FTP Session 4174 192.168.1.52] securer(1) ENTERING state = 0
2022-01-20T19:38:51.803Z DD [FTP Session 4174 192.168.1.52] calling tls_layer_->set_certificate_file("C:\WINDOWS\system32\config\systemprofile\AppData\Local\filezilla-server\certificates\f9ded7fd623594f07ebc396eb718e48ec0a2e9f741f542ea4b135db88a45e588\key.pem", "C:\WINDOWS\system32\config\systemprofile\AppData\Local\filezilla-server\certificates\f9ded7fd623594f07ebc396eb718e48ec0a2e9f741f542ea4b135db88a45e588\cert.pem", "****")
2022-01-20T19:38:51.804Z DD [FTP Session 4174 192.168.1.52] securer(1) EXITING state = 1
2022-01-20T19:38:51.804Z << [FTP Session 4174 192.168.1.52] 234 Using authentication type TLS.
2022-01-20T19:38:51.804Z DD [FTP Session 4174 192.168.1.52] ~securer(1) ENTERING state = 1
2022-01-20T19:38:51.804Z DD [FTP Session 4174 192.168.1.52] calling tls_layer_->set_alpn("ftp")
2022-01-20T19:38:51.804Z VV [FTP Session 4174 192.168.1.52] tls_layer_impl::server_handshake()
2022-01-20T19:38:51.804Z VV [FTP Session 4174 192.168.1.52] tls_layer_impl::continue_handshake()
2022-01-20T19:38:51.804Z DD [FTP Session 4174 192.168.1.52] ~securer(1) EXITING state = 2
2022-01-20T19:38:51.804Z DD [FTP Session 4174 192.168.1.52] tls_layer_impl::on_send()
2022-01-20T19:38:51.804Z VV [FTP Session 4174 192.168.1.52] tls_layer_impl::continue_handshake()
2022-01-20T19:38:51.825Z DD [FTP Session 4174 192.168.1.52] tls_layer_impl::on_read()
2022-01-20T19:38:51.825Z VV [FTP Session 4174 192.168.1.52] tls_layer_impl::continue_handshake()
2022-01-20T19:38:51.825Z DD [FTP Session 4174 192.168.1.52] TLS handshakep: Received CLIENT HELLO
2022-01-20T19:38:51.825Z DD [FTP Session 4174 192.168.1.52] tls_layer_impl::failure(-87)
2022-01-20T19:38:51.825Z !! [FTP Session 4174 192.168.1.52] GnuTLS error -87: No supported cipher suites have been found.
2022-01-20T19:38:51.825Z !! [FTP Session 4174 192.168.1.52] Control channel closed with error from source 0. Reason: ECONNABORTED - Connection aborted.
2022-01-20T19:38:51.825Z !! [FTP Server] Session 4174 ended with error from source 0. Reason: ECONNABORTED - Connection aborted.
2022-01-20T19:38:51.825Z II [FTP Session 4174 192.168.1.52] Session 0x276776db040 with ID 4174 destroyed.
Re: TLS Error on FileZilla 1.2
Posted: 2022-01-20 19:44
by boco
I'm pretty sure you mean Cerberus FTP.
Sure, it claims to support FTP over TLS 1.2, but that is not the issue. The issue is that FileZilla Server REQUIRES AT LEAST FTP over TLS version 1.2 and the support of High-Encryption cipher suites. While Cerberus claims to support FTP over TLS 1.2 as well, it also probably still supports earlier versions. The camera simply negotiates the lower TLS version with the server, be it FTP over TLS 1.1, FTP over TLS 1.0 or, heaven forbid, even FTP over SSL 3.0. My bet is on TLS 1.0.
FileZilla Server will outright reject anything below TLS 1.2, and any lower-grade ciphers as well.
Re: TLS Error on FileZilla 1.2
Posted: 2022-01-21 00:54
by CrimpOn
Thanks for the prompt. I checked Cerberus security settings and found this:
Only TLS 1.2 is checked. Perhaps Cerberus is allowing outdated ciphers?
It is not clear (to me) how SSL and TLS are connected in terms of ciphers. This is what Cerberus shows:
EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:EDH+aRSA:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED:!CAMELLIA
The Cerberus log shows: TLSv1.2 (DHE-RSA-AES256-GCM-SHA384), 256 bit encryption. Is this the part that is not accepted by FileZilla?
1/20/2022 4:50:19 PM 130 Incoming connection request on FTP listener 11 at 192.168.1.2:121 accepted from 192.168.1.52:49816
1/20/2022 4:50:19 PM 130 AUTH TLS
1/20/2022 4:50:19 PM 130 234 Authentication method accepted
1/20/2022 4:50:20 PM 130 SSL connection using TLSv1.2 (DHE-RSA-AES256-GCM-SHA384), 256 bit encryption
1/20/2022 4:50:20 PM 130 SSL connection established
1/20/2022 4:50:20 PM 130 USER FrontDoorCam
1/20/2022 4:50:20 PM 130 331 User FrontDoorCam, password please
1/20/2022 4:50:20 PM 130 PASS ***********
1/20/2022 4:50:20 PM 130 Native user 'FrontDoorCam' authenticated
1/20/2022 4:50:20 PM 130 230 Password Ok, User logged in - This is an UNLICENSED copy of Cerberus FTP Server Home edition
1/20/2022 4:50:20 PM 130 CWD 2022
1/20/2022 4:50:20 PM 130 250 Change directory ok
1/20/2022 4:50:20 PM 130 CWD 01
1/20/2022 4:50:20 PM 130 250 Change directory ok
1/20/2022 4:50:21 PM 130 CWD 20
1/20/2022 4:50:21 PM 130 250 Change directory ok
1/20/2022 4:50:21 PM 130 MODE S
1/20/2022 4:50:21 PM 130 200 Mode is Stream
1/20/2022 4:50:21 PM 130 TYPE A
1/20/2022 4:50:21 PM 130 200 Type ASCII
1/20/2022 4:50:21 PM 130 PBSZ 0
1/20/2022 4:50:21 PM 130 200 PBSZ=0
1/20/2022 4:50:21 PM 130 PROT C
1/20/2022 4:50:21 PM 130 200 Clearing data channel
1/20/2022 4:50:21 PM 130 PASV
1/20/2022 4:50:21 PM 130 227 Entering Passive Mode (192,168,1,2,43,109)
1/20/2022 4:50:21 PM 130 STOR Front Door Cam_00_20220120165018.txt
1/20/2022 4:50:21 PM 130 150 Opening data connection
1/20/2022 4:50:21 PM 130 Successfully stored file at 'D:\Cerberus\2022\01\20\Front Door Cam_00_20220120165018.txt' (74 B received)
1/20/2022 4:50:21 PM 130 226 Transfer complete
1/20/2022 4:50:21 PM 130 QUIT
1/20/2022 4:50:21 PM 130 Connection terminated
Re: TLS Error on FileZilla 1.2
Posted: 2022-01-21 02:37
by boco
When I'm connected to my FileZilla Server, it is using ECDHE (Elliptic Curve) ciphers. AFAIK the simple DHE ciphers do not offer Perfect Forward Secrecy, and for that reason, FileZilla Server might not offer support for them.
However, only @botg or @oibaf can answer that thoroughly.
Re: TLS Error on FileZilla 1.2
Posted: 2022-01-21 09:16
by botg
DHE does offer PFS. It is much slower than ECDHE though, which is why, if possible, FileZilla negotiates ECDHE.
@CrimpOn: Could you please post a Wireshark dump of the handshake attempt between your client and FileZilla Server? That way we can see what your client attempts to negotiate.
Re: TLS Error on FileZilla 1.2
Posted: 2022-01-21 19:32
by CrimpOn
Wireshark capture of the camera attempting to FTP to FileZilla is here:
https://www.dropbox.com/s/pg7wy96ow3xos ... capng?dl=0
FileZilla server is 192.168.1.2 and the camera is 192.168.1.52.
I see the handshake where the camera connects to port 21 and the Server announces "ready for new client", and then the camera sends a TLSv1 message.
This puts the blame squarely on the camera. (Correct?)
I was a bit surprised that FileZilla does not appear to send any sort of rejection. The impression I get is that FileZilla simply stops communicating with the camera.
And then the camera 'times out'.
Is this correct?
I really appreciate your patience.
(Now I have to ask Cerebus to explain why the camera was able to connect with Cerebus when it was set to accept ONLY TLSv1.2 and TLSv1.3. If Cerebus had rejected the camera <as it should have>, then I would not have kept bothering you. I fear Cerebus may not be as easy to communicate with as you are.)
Re: TLS Error on FileZilla 1.2
Posted: 2022-01-21 20:13
by CrimpOn
Did the same Wireshark capture with the camera FTPing to Cerebus.
https://www.dropbox.com/s/0o83hmtnqsgbc ... capng?dl=0
This sure gives the impression that the camera is using TLSv1.2
My head hurts.
Camera TLS Error
Posted: 2022-01-24 19:30
by CrimpOn
Wireshark capture of the failed FTP session between camera and FileZilla server appears to contain a fatal coding inconsistency (or does it?)
Please see line 45 and line 50 of the expanded packet. Line 45 says TLSv1 (0x301) and Line 50 says TLSv3 (0x303) and proceeds to supply all sorts of TLS parameters.
Is this coding error enough to get FileZilla to reject the connection?
1 "Frame 9: 235 bytes on wire (1880 bits), 235 bytes captured (1880 bits) on interface \Device\NPF_{F233B6E4-BE24-4723-AA85-49E87A7B1E81}, id 0"
2 "Ethernet II, Src: Front_Door_Cam (68:39:43:d7:fa:24), Dst: Dicks_HP (20:25:64:0f:ba:cd)"
3 "Internet Protocol Version 4, Src: Front_Door_Cam (192.168.1.52), Dst: Dicks_HP (192.168.1.2)"
4 "Transmission Control Protocol, Src Port: 49388, Dst Port: 21, Seq: 11, Ack: 114, Len: 181"
5 Source Port: 49388
6 Destination Port: 21
7 [Stream index: 0]
8 " [Conversation completeness: Complete, WITH_DATA (31)]"
9 [TCP Segment Len: 181]
10 Sequence Number: 11 (relative sequence number)
11 Sequence Number (raw): 2474896074
12 [Next Sequence Number: 192 (relative sequence number)]
13 Acknowledgment Number: 114 (relative ack number)
14 Acknowledgment number (raw): 1141086550
15 0101 .... = Header Length: 20 bytes (5)
16 " Flags: 0x018 (PSH, ACK)"
17 000. .... .... = Reserved: Not set
18 ...0 .... .... = Nonce: Not set
19 .... 0... .... = Congestion Window Reduced (CWR): Not set
20 .... .0.. .... = ECN-Echo: Not set
21 .... ..0. .... = Urgent: Not set
22 .... ...1 .... = Acknowledgment: Set
23 .... .... 1... = Push: Set
24 .... .... .0.. = Reset: Not set
25 .... .... ..0. = Syn: Not set
26 .... .... ...0 = Fin: Not set
27 [TCP Flags: ·······AP···]
28 Window: 4009
29 [Calculated window size: 64144]
30 [Window size scaling factor: 16]
31 Checksum: 0x8ca6 [unverified]
32 [Checksum Status: Unverified]
33 Urgent Pointer: 0
34 [Timestamps]
35 [Time since first frame in this TCP stream: 0.098337000 seconds]
36 [Time since previous frame in this TCP stream: 0.000000000 seconds]
37 [SEQ/ACK analysis]
38 [iRTT: 0.020591000 seconds]
39 [Bytes in flight: 181]
40 [Bytes sent since last PSH flag: 181]
41 TCP payload (181 bytes)
42 Transport Layer Security
43 TLSv1 Record Layer: Handshake Protocol: Client Hello
44 Content Type: Handshake (22)
45 Version: TLS 1.0 (0x0301)
46 Length: 176
47 Handshake Protocol: Client Hello
48 Handshake Type: Client Hello (1)
49 Length: 172
50 Version: TLS 1.2 (0x0303)
51 Random: 040492e3ecb0567a28b2107000f02e418237e7737bd1c35e67fccd950ebe382f
52 " GMT Unix Time: Feb 19, 1972 20:36:51.000000000 Pacific Standard Time"
53 Random Bytes: ecb0567a28b2107000f02e418237e7737bd1c35e67fccd950ebe382f
54 Session ID Length: 0
55 Cipher Suites Length: 96
56 Cipher Suites (48 suites)
57 Cipher Suite: TLS_DH_DSS_WITH_AES_256_GCM_SHA384 (0x00a5)
58 Cipher Suite: TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 (0x00a3)
59 Cipher Suite: TLS_DH_RSA_WITH_AES_256_GCM_SHA384 (0x00a1)
60 Cipher Suite: TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x009f)
61 Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x006b)
62 Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 (0x006a)
63 Cipher Suite: TLS_DH_RSA_WITH_AES_256_CBC_SHA256 (0x0069)
64 Cipher Suite: TLS_DH_DSS_WITH_AES_256_CBC_SHA256 (0x0068)
65 Cipher Suite: TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x0039)
66 Cipher Suite: TLS_DHE_DSS_WITH_AES_256_CBC_SHA (0x0038)
67 Cipher Suite: TLS_DH_RSA_WITH_AES_256_CBC_SHA (0x0037)
68 Cipher Suite: TLS_DH_DSS_WITH_AES_256_CBC_SHA (0x0036)
69 Cipher Suite: TLS_RSA_WITH_AES_256_GCM_SHA384 (0x009d)
70 Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA256 (0x003d)
71 Cipher Suite: TLS_RSA_WITH_AES_256_CBC_SHA (0x0035)
72 Cipher Suite: TLS_DH_DSS_WITH_AES_128_GCM_SHA256 (0x00a4)
73 Cipher Suite: TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 (0x00a2)
74 Cipher Suite: TLS_DH_RSA_WITH_AES_128_GCM_SHA256 (0x00a0)
75 Cipher Suite: TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x009e)
76 Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x0067)
77 Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 (0x0040)
78 Cipher Suite: TLS_DH_RSA_WITH_AES_128_CBC_SHA256 (0x003f)
79 Cipher Suite: TLS_DH_DSS_WITH_AES_128_CBC_SHA256 (0x003e)
80 Cipher Suite: TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x0033)
81 Cipher Suite: TLS_DHE_DSS_WITH_AES_128_CBC_SHA (0x0032)
82 Cipher Suite: TLS_DH_RSA_WITH_AES_128_CBC_SHA (0x0031)
83 Cipher Suite: TLS_DH_DSS_WITH_AES_128_CBC_SHA (0x0030)
84 Cipher Suite: TLS_DHE_RSA_WITH_SEED_CBC_SHA (0x009a)
85 Cipher Suite: TLS_DHE_DSS_WITH_SEED_CBC_SHA (0x0099)
86 Cipher Suite: TLS_DH_RSA_WITH_SEED_CBC_SHA (0x0098)
87 Cipher Suite: TLS_DH_DSS_WITH_SEED_CBC_SHA (0x0097)
88 Cipher Suite: TLS_RSA_WITH_AES_128_GCM_SHA256 (0x009c)
89 Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA256 (0x003c)
90 Cipher Suite: TLS_RSA_WITH_AES_128_CBC_SHA (0x002f)
91 Cipher Suite: TLS_RSA_WITH_SEED_CBC_SHA (0x0096)
92 Cipher Suite: TLS_RSA_WITH_RC4_128_SHA (0x0005)
93 Cipher Suite: TLS_RSA_WITH_RC4_128_MD5 (0x0004)
94 Cipher Suite: TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA (0x0016)
95 Cipher Suite: TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA (0x0013)
96 Cipher Suite: TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA (0x0010)
97 Cipher Suite: TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA (0x000d)
98 Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)
99 Cipher Suite: TLS_DHE_RSA_WITH_DES_CBC_SHA (0x0015)
100 Cipher Suite: TLS_DHE_DSS_WITH_DES_CBC_SHA (0x0012)
101 Cipher Suite: TLS_DH_RSA_WITH_DES_CBC_SHA (0x000f)
102 Cipher Suite: TLS_DH_DSS_WITH_DES_CBC_SHA (0x000c)
103 Cipher Suite: TLS_RSA_WITH_DES_CBC_SHA (0x0009)
104 Cipher Suite: TLS_EMPTY_RENEGOTIATION_INFO_SCSV (0x00ff)
105 Compression Methods Length: 1
106 Compression Methods (1 method)
107 Compression Method: null (0)
108 Extensions Length: 35
109 Extension: session_ticket (len=0)
110 Type: session_ticket (35)
111 Length: 0
112 Data (0 bytes)
113 Extension: signature_algorithms (len=22)
114 Type: signature_algorithms (13)
115 Length: 22
116 Signature Hash Algorithms Length: 20
117 Signature Hash Algorithms (10 algorithms)
118 Signature Algorithm: rsa_pkcs1_sha512 (0x0601)
119 Signature Algorithm: SHA512 DSA (0x0602)
120 Signature Algorithm: rsa_pkcs1_sha384 (0x0501)
121 Signature Algorithm: SHA384 DSA (0x0502)
122 Signature Algorithm: rsa_pkcs1_sha256 (0x0401)
123 Signature Algorithm: SHA256 DSA (0x0402)
124 Signature Algorithm: SHA224 RSA (0x0301)
125 Signature Algorithm: SHA224 DSA (0x0302)
126 Signature Algorithm: rsa_pkcs1_sha1 (0x0201)
127 Signature Algorithm: SHA1 DSA (0x0202)
128 Extension: heartbeat (len=1)
129 Type: heartbeat (15)
130 Length: 1
131 Mode: Peer allowed to send requests (1)
132 " [JA3 Fullstring: 771,165-163-161-159-107-106-105-104-57-56-55-54-157-61-53-164-162-160-158-103-64-63-62-51-50-49-48-154-153-152-151-156-60-47-150-5-4-22-19-16-13-10-21-18-15-12-9-255,35-13-15,,]"
133 [JA3: dac10c3caa29f6c6ce48ae4c2fdca84a]
The camera company's engineers suggest that I "turn off" TLS support on FileZilla, to which I respond:
#1 - That is not possible.
#2 - A modern FTP server MUST support TLS security.
What remains unexplained is why Cerebus FTP accepts the connection when it is set to accept only TLSv3. (Perhaps they ignore the coding inconsistency?)
Re: TLS Error on FileZilla 1.2
Posted: 2022-01-25 10:10
by botg
For historical reasons, the TLS versions printed in the various record layer and handshake message packets are an absolute clusterfuck. Nothing to worry about here, situation normal, all fucked up.
"I was a bit surprised that FileZilla does not appear to send any sort of rejection."
It cannot, as the connection is in an in-between state.
"The impression I get is that FileZilla simply stops communicating with the camera. And then the camera 'times out'."
FileZilla Server closes the connection. Not noticing that the connection got closed is the client's issue.
According to the package dump your client doesn't support elliptic curve cryptography, in particular it doesn't support X.509 certificates with an elliptic curve signature. Algorithms with elliptic curve cryptography were added to TLS 1.1 as an extension in 2006, and made part of TLS 1.2 in 2008. The certificates generated by FileZilla Server are signed using ECDSA.
The best option would be to update your client to support ECDSA (and ECDHE while at it). Alternatively you could generate your TLS certificates outside of FileZilla Server signed using RSA, though this will come at the cost of more expensive handshakes as it's a far slower algorithm.
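Added example (not part of the post above and not FileZilla code): a Python check that takes the JA3 full string and the signature_algorithms values from the camera's ClientHello dump in this thread and reports which cipher suites a server could select with an ECDSA certificate versus an RSA certificate. The two suite tables are standard IANA IDs; the RSA table is an assumed server policy (forward secrecy plus AEAD), and all function and variable names are chosen for this example.

```python
# Values copied from the Wireshark dump posted in this thread.
JA3_FULL = (
    "771,165-163-161-159-107-106-105-104-57-56-55-54-157-61-53-164-162-160-"
    "158-103-64-63-62-51-50-49-48-154-153-152-151-156-60-47-150-5-4-22-19-"
    "16-13-10-21-18-15-12-9-255,35-13-15,,"
)
SIG_ALGS = [0x0601, 0x0602, 0x0501, 0x0502, 0x0401,
            0x0402, 0x0301, 0x0302, 0x0201, 0x0202]

# IANA cipher suite IDs (TLS 1.2 and earlier) that need an ECDSA certificate.
ECDSA_CERT_SUITES = {
    0xC009: "ECDHE-ECDSA-AES128-SHA",
    0xC00A: "ECDHE-ECDSA-AES256-SHA",
    0xC023: "ECDHE-ECDSA-AES128-SHA256",
    0xC024: "ECDHE-ECDSA-AES256-SHA384",
    0xC02B: "ECDHE-ECDSA-AES128-GCM-SHA256",
    0xC02C: "ECDHE-ECDSA-AES256-GCM-SHA384",
    0xCCA9: "ECDHE-ECDSA-CHACHA20-POLY1305",
}
# Assumed server policy for an RSA certificate: forward secrecy plus AEAD only.
RSA_CERT_SUITES = {
    0x009E: "DHE-RSA-AES128-GCM-SHA256",
    0x009F: "DHE-RSA-AES256-GCM-SHA384",
    0xC02F: "ECDHE-RSA-AES128-GCM-SHA256",
    0xC030: "ECDHE-RSA-AES256-GCM-SHA384",
}
SIG_RSA, SIG_ECDSA = 1, 3  # low byte of a TLS 1.2 SignatureAndHashAlgorithm


def parse_ja3(full):
    """Split a JA3 full string into its five numeric fields."""
    fields = full.split(",")
    if len(fields) != 5:
        raise ValueError("JA3 full string must have 5 comma-separated fields")
    ints = [[int(x) for x in f.split("-")] if f else [] for f in fields]
    keys = ("version", "suites", "extensions", "groups", "point_formats")
    hello = dict(zip(keys, ints))
    hello["version"] = hello["version"][0]
    return hello


def usable_suites(full, sig_algs):
    """Return the suites a server could pick, keyed by certificate type."""
    hello = parse_ja3(full)
    sig_types = {alg & 0xFF for alg in sig_algs}

    def pick(table, sig_type):
        if sig_type not in sig_types:
            return []  # client cannot verify this signature type
        # Keep the client's preference order.
        return [table[s] for s in hello["suites"] if s in table]

    return {
        "offers_ec_groups": bool(hello["groups"]),
        "ecdsa_cert": pick(ECDSA_CERT_SUITES, SIG_ECDSA),
        "rsa_cert": pick(RSA_CERT_SUITES, SIG_RSA),
    }


if __name__ == "__main__":
    print(usable_suites(JA3_FULL, SIG_ALGS))
```

For the camera's ClientHello the ECDSA list is empty, while the first RSA entry is the same DHE-RSA-AES256-GCM-SHA384 suite that appears in the Cerberus log earlier in the thread.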
Re: TLS Error on FileZilla 1.2
Posted: 2022-01-25 19:10
by CrimpOn
Thanks for the thorough explanation. (My "aha moment" being totally incorrect.)
I notice that the camera connection refers to Cipher Suites and Signature Algorithms using hex codes (0x00a5, 0x601, etc.)
Would like to direct them to a reference for the specific ECDSA and ECDHE certificate mechanisms used by FileZilla. I don't find ECDSA or ECDHE on the RFC (pages 85-86)
https://datatracker.ietf.org/doc/html/rfc5246
Is there a better reference document?
I'm 90% certain that these guys just picked up an FTP package to bundle with their camera firmware (sigh). So incorporating support for newer algorithms may be beyond their capability. I am a bit ticked off that they use Cerebus FTP as their example platform since the least costly version of Cerebus is $500.
Tempted to look at Let's Encrypt, but cannot find information on their web site as to which Cipher Suite they use so that I can see if the camera supports it. Definitely not worth the effort if it doesn't.
Can you please mark this post "Solved"?
Re: TLS Error on FileZilla 1.2
Posted: 2022-01-26 08:48
by botg
See
https://datatracker.ietf.org/doc/html/rfc4492#section-6 and
https://datatracker.ietf.org/doc/html/r ... -7.4.1.4.1 for reference.
FileZilla Server also uses ECDSA when obtaining certificates from Let's Encrypt or any other ACME directory.