FileZilla Forums

Welcome to the official discussion forums for FileZilla
https://forum.filezilla-project.org/

Certificate problem

https://forum.filezilla-project.org/viewtopic.php?f=6&t=54768

Page 1 of 1

Certificate problem

Posted: 2022-05-22 08:14
by dormi98
Hello everyone!

I have an official certificate which is installed on a windows web server.
I exported the certificate with the private key and used openssl to convert it to X509 (crt and key file)

When I use this certificate with version 1.4.1. I get an error "cannot read certificate"
I can use it with older versions however.

But it seems that there is still something wrong.
When I do a test with https://testtls.com/
I get two errors:
Cipher Order - NOT a cipher order configured
Chain of Trust - failes (chain incomplete)

under IIS the certificate is valid of course.


What did I do wrong?

Re: Certificate problem

Posted: 2022-05-23 09:36
by botg
The certificate always is X.509. What differs is the file format used to store it.

FileZilla Server expects the certificate to be provided in PEM. Basically the base64-encoded DER-serialized ASN.1 structure of the X.509 certificate, surrounded by -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----
Similar for the private key, also PEM.

Last but not least, make sure the Windows user account the FileZilla Server service runs under has permission to access the certificate and key files.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited