Proftpd TLS on RedHat/Fedora/CentOS

Computer Tips - Proftpd TLS on RedHat/Fedora/CentOS

Date: 2018jun20 OS: Linux Distro: RedHat/Fedora/CentOS Keywords: SSL Q. Proftpd TLS on RedHat/Fedora/CentOS A. This worked for me. First, get Proftp going without TLS. Connect from another computer and make sure you have the main ftp port (21) and your passive ports open to the firewall. Commen-out some lines in /etc/proftpd.conf Orginally

<IfDefine TLS> TLSEngine on TLSRequired on TLSRSACertificateFile /etc/pki/tls/certs/proftpd.pem TLSRSACertificateKeyFile /etc/pki/tls/certs/proftpd.pem TLSCipherSuite ALL:!ADH:!DES TLSOptions NoCertRequest TLSVerifyClient off #TLSRenegotiate ctrl 3600 data 512000 required off timeout 300 TLSLog /var/log/proftpd/tls.log <IfModule mod_tls_shmcache.c> TLSSessionCache shm:/file=/var/run/proftpd/sesscache </IfModule> /IfDefine>

Change to

# <IfDefine TLS> TLSEngine on TLSRequired on TLSRSACertificateFile /etc/pki/tls/certs/proftpd.pem TLSRSACertificateKeyFile /etc/pki/tls/certs/proftpd.pem TLSCipherSuite ALL:!ADH:!DES TLSOptions NoCertRequest TLSVerifyClient off #TLSRenegotiate ctrl 3600 data 512000 required off timeout 300 TLSLog /var/log/proftpd/tls.log # <IfModule mod_tls_shmcache.c> # TLSSessionCache shm:/file=/var/run/proftpd/sesscache # </IfModule> # </IfDefine>

Make the .pem files

openssl req -x509 -nodes -newkey rsa:1024 -keyout /etc/pki/tls/certs/proftpd.pem -out /etc/pki/tls/certs/proftpd.pem

Restart

systemctl restart proftpd

Test with FileZilla