Opened 4 months ago

Last modified 4 months ago

#12791 new Bug report

need help to install CA certificate to SFTP server

Reported by: jcstaquet Owned by:
Priority: high Component: FileZilla Server
Keywords: Cc: jcstaquet
Component version: 1.5.1 Operating system type: Windows
Operating system version: 2016

Description

I followed these steps:

1) create CSR and private key:
$ openssl req -newkey rsa:2048 -keyout PRIVATEKEY.key -out MYCSR.csr
Generating a RSA private key
...................................................+++++
.........................+++++
writing new private key to 'PRIVATEKEY.key'
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:


2) Copy+paste the CSR to request a new CA certificate (PKCS7b - *.pem format)

3) Download the certificate in *.pem format to the FTP server

4) Add the private key to the filezilla FTP server (see attached screenshot)

5) The FTP server is unable to read the certificate details (grayed) and connection failed with "Response: 504 TLS handshaking failed!"

Attachments (1)

FileZilla_CA.jpg (72.5 KB ) - added by jcstaquet 4 months ago.
screenshot of TLS settings

Download all attachments as: .zip

Change History (3)

by jcstaquet, 4 months ago

Attachment: FileZilla_CA.jpg added

screenshot of TLS settings

comment:1 by Tim Kosse, 4 months ago

Status: newmoreinfo

The instructions are incomplete. How do turn the CSR into a certificate?

CA certificates are typically self-signed. Did you sign the CA certificate with the generated private key?

comment:2 by jcstaquet, 4 months ago

Status: moreinfonew

You need to send a CSR (certificate signing request) to the Certificate Authority and they send you back a signed certificate. So this is not a self-signed certificate.

Note: See TracTickets for help on using tickets.