VSFTPD over SSL

6 Sep

Need to add the following to bottom of /etc/vsftpd/vsftpd.conf:

ssl_enable=YES
ssl_tlsv1=YES
ssl_sslv2=YES
ssl_sslv3=YES
rsa_cert_file=/etc/vsftpd/vsftpd.pem
force_local_data_ssl=YES

Then you have to create the /etc/vsftpd/vsftpd.pem file:

openssl req -x509 -nodes -days 7300 -newkey rsa:2048 -keyout vsftpd.pem -out vsftpd.pem

To export this .pem file so that a client can import it, use:

openssl x509 -outform DER -in vsftpd.pem -out cacert.cert

Then a java client can import the certificate doing:

keytool -import -trustcacerts -alias mycert -file cacert.cert -keystore mykeystore
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: