SSL Repeat Verification

[BradCowart]

WTF is the deal with recent update and SSL. I cannot buy certificates for all my sites and I do not control the server. Every upload asks for SSL. I have not had one since 2015. What can I do to disable this? The "Always trust" is disabled. Time for a better program or is there a fix. AT the end of my patience.

[botg]

Certificates do not need to be bought these days, they are free.

For FileZilla, even self-signed certificates are okay as it follows a user-guided trust-on-first-use model.

If a certificate cannot be permanently trusted, something must be wrong with the certificate. The thing that's wrong is written in red. That thing needs to be fixed.

[BradCowart]

I appreciate the reply. The problem is not the lack of SSL the web server (actually Plesk management system) has not had a valid ssl since 2015. The issue is how the current Filezilla responds. Before upgrade I was asked about ssl once on startup. Now I am asked every upload, I just want to turn the feature off.

It is not feasible to set up even a free certificate for the number of sites we upload to, so I really need to set this in FZ or perhaps download an earlier version. Any ideas?

[botg]

No, not having proper TLS will only become harder to use. Security is more important than laziness. Please update your certificates.

[BradCowart]

WOW not really lazy the program changed I was fine with it before. Plus we host several dozen sites and are very busy. Finding a program that works as we want is better than us changing to fit the program. But I do appreciate your feedback I know this is not an issue FZ can handle now.

[botg]

In a future version, connections to servers not having a valid certificate will be outright rejected.

[vajuvoyi]

This is happening to me as well. It was not a problem at the start where you needed to acknowledge an expired cert for browsing or starting the queue. But these days on this new version you need to acknowledge for every transfer.
For some legacy backed software we have no option to leave a self signed cert that expired many years ago.

To me it's not really a problem, I will just rollback to an older version or find something else.

I'll report back on which version is prompt-less on transfers.

BTW: An expired cert still provides secure transfers, unless the public key was compromised or based on a flawed hash (e.g. SHA1). Obviously this doesn't look good in the public domain, but for some admin trying to download logs from some crappy legacy software, why all the fuss.

At the very least give the admin control on the behavior

[botg]

The admin has control of it already, the admin can just install a valid certificate.

[vajuvoyi]

Maybe, but not in our case where the cert is embedded in a file which can only be modified by the vendor. Think self signed certs. I am the admin

Anyway I've rolled back to 3.29 and no more annoying prompts for each file I download...When your're downloading 1000's of log files it becomes a little annoying.

I don't mind it asking at queue start, but for each file. Ghez, even Chrome is not so fussy