Certificate problem

Need help with FileZilla Server? Something does not work as expected? In this forum you may find an answer.

Moderator: Project members

Post Reply
Message
Author
dormi98
500 Command not understood
Posts: 2
Joined: 2022-05-22 08:05
First name: Gerald
Last name: Gold

Certificate problem

#1 Post by dormi98 » 2022-05-22 08:14

Hello everyone!

I have an official certificate which is installed on a windows web server.
I exported the certificate with the private key and used openssl to convert it to X509 (crt and key file)

When I use this certificate with version 1.4.1. I get an error "cannot read certificate"
I can use it with older versions however.

But it seems that there is still something wrong.
When I do a test with https://testtls.com/
I get two errors:
Cipher Order - NOT a cipher order configured
Chain of Trust - failes (chain incomplete)

under IIS the certificate is valid of course.


What did I do wrong?

User avatar
botg
Site Admin
Posts: 35503
Joined: 2004-02-23 20:49
First name: Tim
Last name: Kosse

Re: Certificate problem

#2 Post by botg » 2022-05-23 09:36

The certificate always is X.509. What differs is the file format used to store it.

FileZilla Server expects the certificate to be provided in PEM. Basically the base64-encoded DER-serialized ASN.1 structure of the X.509 certificate, surrounded by -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----
Similar for the private key, also PEM.

Last but not least, make sure the Windows user account the FileZilla Server service runs under has permission to access the certificate and key files.

Post Reply