Opened 4 years ago
#12153 new Bug report
SSL Private Key Password unencrypted
| Reported by: | Romain | Owned by: | |
|---|---|---|---|
| Priority: | critical | Component: | FileZilla Server |
| Keywords: | SSL, security | Cc: | |
| Component version: | Operating system type: | Windows | |
| Operating system version: | Windows 2016 |
Description
I just discovered the SSL private Key password is left unencrypted in the settings files (FileZilla Server.xml)
This is a big security issue has anyone can stole the key...
Note : The admin password is also left unencrypted in the file
Note:
See TracTickets
for help on using tickets.
