Opened 3 years ago
Last modified 3 years ago
#12666 new Bug report
Filezilla server 1.20 / 1.30 does not allow admin interface to connect ( possible tls issue)
| Reported by: | Wesley | Owned by: | |
|---|---|---|---|
| Priority: | normal | Component: | FileZilla Server |
| Keywords: | Cc: | ||
| Component version: | Operating system type: | Windows | |
| Operating system version: | 2016 |
Description
we are running filezilla server 1.30 ( previously 1.20 which also had the same issue)
the ftp server part runs fine
but the admin interface does not work ( log throws a tls error )
we have a production server and a testing server.
on the testing server it runs fine
the test server has more strict setup of enabled tls version and cipher suites ( see attachment)
i suspect it might be somewhere in the code where it chooses the encryption method for the local connection with the admin interface.
Attachments (3)
Change History (13)
by , 3 years ago
| Attachment: | tls error.png added |
|---|
comment:1 by , 3 years ago
| Status: | new → moreinfo |
|---|
The third-party tool you are using has no impact on the TLS parameters negotiated by FileZilla Server.
Which port are you connecting to? Is it the same port configured during installation as administration port?
comment:2 by , 3 years ago
| Status: | moreinfo → new |
|---|
the thirdparty tool sets the schannel settings on the windows server os ( + cipher suites)
it was on the default port. i have tried setting it to a different port but i have the same problem(by running the installer again with a different port) .
if there is a way to better debug this and provide you with more information let mek now
comment:3 by , 3 years ago
| Status: | new → moreinfo |
|---|
FileZilla Server does not use schannel.
Could some firewall be blocking the communication?
comment:4 by , 3 years ago
| Status: | moreinfo → new |
|---|
no windows firewall is disabled, the normal FTP traffic works without a problem . its only the admin interface. when i select a wrong port i get the same message ( only not the GNU TLS error)
also amended the server OS in the issue ( its 2016 not 2012 R2)
comment:5 by , 3 years ago
| Operating system version: | 2012 R2 → 2016 |
|---|
comment:6 by , 3 years ago
| Status: | new → moreinfo |
|---|
What is being written into the server's log file, located in the Logs directory inside the installation directory?
comment:7 by , 3 years ago
| Status: | moreinfo → new |
|---|
Hello Tim,
the Logs directory is Empty. i found that we had logfiles in the 32bit version of the server ( we upgraded in October).
i have also renamed the filezilla-server-gui folder in appdata to see if that resolved anything
comment:9 by , 3 years ago
| Status: | new → moreinfo |
|---|
the Logs directory is Empty. i found that we had logfiles in the 32bit version of the server ( we upgraded in October).
FileZilla Server does not support 32bit Windows.
I'm beginning to question this original statement:
the ftp server part runs fine
How did you check this? Did you ensure that there is no other FTP server running as well on the same machine?
comment:10 by , 3 years ago
| Status: | moreinfo → new |
|---|
@Tim
while testing on my own machine , i managed to trigger the root cause
a invalid certificate under Administration. once that is misconfigured and you exit the admin tool you cannot connect anymore until you modify the settings xml file under
C:\Windows\System32\config\systemprofile\AppData\Local\filezilla-server
i have fixed it by editing the line <tls min_protocol_version="2" index="1"> to <tls min_protocol_version="2" index="2"> and copying a fingerprint from a fresh installation
and removing the lines stating the path to the incorrect certificate
error message