Hello, i recently moved from proftpd to pure-ftpd. Now when i connect Filezilla works fine but it does show error
1) Error: Server sent unsorted certificate chain in violation of the TLS specifications
Any ideas, i am using stock "/etc/pure-ftpd.conf", i guess thats default for new installs. Also in the header location of the config file it states that to use this file run following command
/usr/sbin/pure-ftpd /etc/etc/pure-ftpd.conf
This is incorrect, should be one etc not 2, i modified and ran this command and did not got any response so i guess it was all good.
2) I updated my config file to only use TLS 1.2, my edits
Restarted pure-ftpd and log files shows
[INFO] TLS: Enabled TLSv1/SSLv3 with ECDHE-RSA-AES256-GCM-SHA384, 256 secret bits cipher
I was hoping to see TLS1.2 for connection, in advise.
Thanks
1) Error: Server sent unsorted certificate chain in violation of the TLS specifications
Any ideas, i am using stock "/etc/pure-ftpd.conf", i guess thats default for new installs. Also in the header location of the config file it states that to use this file run following command
/usr/sbin/pure-ftpd /etc/etc/pure-ftpd.conf
This is incorrect, should be one etc not 2, i modified and ran this command and did not got any response so i guess it was all good.
2) I updated my config file to only use TLS 1.2, my edits
# This option accepts three values:
# 0: disable SSL/TLS encryption layer (default).
# 1: accept both cleartext and encrypted sessions.
# 2: refuse connections that don't use the TLS security mechanism,
# including anonymous sessions.
# Do _not_ uncomment this blindly. Double check that:
# 1) The server has been compiled with TLS support (--with-tls),
# 2) A valid certificate is in place,
# 3) Only compatible clients will log in.
TLS 2
# Cipher suite for TLS sessions.
# The default suite is secure and setting this property is usually
# only required to *lower* the security to cope with legacy clients.
# Prefix with -C: in order to require valid client certificates.
# If -C: is used, make sure that clients' public keys are present on
# the server.
# TLSCipherSuite HIGH:MEDIUM:+TLSv1:!SSLv2:+SSLv3
TLSCipherSuite HIGH:MEDIUM:+TLSv1.2:!TLSv1.1:!TLSv1:!SSLv2:!SSLv3
Restarted pure-ftpd and log files shows
[INFO] TLS: Enabled TLSv1/SSLv3 with ECDHE-RSA-AES256-GCM-SHA384, 256 secret bits cipher
I was hoping to see TLS1.2 for connection, in advise.
Thanks