I am considering picking up a wildcard SSL certificate for my website and hopefully for using SFTP with FileZilla Server (implicit TLS/SSL). I want to make sure that:
(a) that would work (aka - FileZilla FTP Server can take the certificate generated by a certificate authority like Thawte, Network Solutions, etc. and use it to create a secure connection with implicit TLS/SSL);
(b) see if there are any instructions I should follow to get it working - do I just specificy the cert file in the interface? Do I need to edit the cert file to include more or less data? Etc.; and finally:
(c) if anyone had any generic advice on the subject - problems, reports of how easy it is to do, that kind of thing.
I appreciate any and all feedback.
Thank you.
Purchasing an SSL Certificate for FileZilla Server
Moderator: Project members
Re: Purchasing an SSL Certificate for FileZilla Server
As long as the certificate is in PEM format and contains the certificate chain, it should work.
Re: Purchasing an SSL Certificate for FileZilla Server
why not roll your own, using FZserver built in certificate generator? If that one don't do it for you then there are tons of options other than paying for SSL/TLS certificates and unless you really *require* a common, pre-known/trusted root type of CA in the chain then I would recommend shopping around (for free and easy stuff) first. XCA is a little old- but damn good and easy- https://sourceforge.net/projects/xca the homepage is basically the user manual (same as the program help when installed) http://xca.sourceforge.net there's also a nice addon for FireFox called Key Manager works pretty dang good https://addons.mozilla.org/en-US/firefox/addon/4471 (scroll down to find links to ALR-2006-044.pdf ALR-2007-023.pdf, couple good pubs for KM).... or get into OpenSSL docs and generate your own from scratch.
Sorry if I missed the mark on this and you actually do require a trusted root CA signed cert, ouch.. Have a good one!
Sorry if I missed the mark on this and you actually do require a trusted root CA signed cert, ouch.. Have a good one!
-
javelinco
- 503 Bad sequence of commands
- Posts: 20
- Joined: 2008-07-09 19:23
- First name: Mark
- Last name: Munson
Re: Purchasing an SSL Certificate for FileZilla Server
Thanks redleg - I'll take a look.
Thank you - both of you.
Thank you - both of you.
-
javelinco
- 503 Bad sequence of commands
- Posts: 20
- Joined: 2008-07-09 19:23
- First name: Mark
- Last name: Munson
Re: Purchasing an SSL Certificate for FileZilla Server
I purchased a wildcard SSL certificate, and one of the formats is PEM. When I look at the contents of the file, it's got three sections of "BEGIN CERTIFICATE" and "END CERTIFICATE". When I try to designate it as the certificate to use, FileZilla server tells me "Could not load key file."
Can you help me figure this out?
Can you help me figure this out?
Re: Purchasing an SSL Certificate for FileZilla Server
In order to sign anything with your certificate (i.e. the certificate exchange during the SSL handshake), you need the certificate's private key.
You did create a private key prior to generating your CSR and submitting the CSR to the CA. Make sure to convert the key into PEM format if it isn't already. (I think it's enclosed in BEGIN/END PRIVATE KEY or something similar)
You did create a private key prior to generating your CSR and submitting the CSR to the CA. Make sure to convert the key into PEM format if it isn't already. (I think it's enclosed in BEGIN/END PRIVATE KEY or something similar)