I've got vsftpd up and running with ssl and virtual users (stored in mysql) and almost everything is just fine, except that my FTP Clients complains about unknown certificate.
I've created a private key and a csr. I sent the csr to Thawte and bought a 'SSL123' certificate. Then I added my private key and my certificate to a new .pem file. Vsftpd starts fine and login and everything works, but I have to manually accept the certificate. I've been googling around like a mad man, but I can not find one single page/example of people using a valid certificate, except one page over at cacert.org. All other pages, forums, wikis etc only use self-signed certificates, and only say ".. or you can buy a certificate from known CA". I've tested with FileZilla, SmartFTP and CuteFTP from Windows. FileZilla and CuteFTP complained, SmartFTP did not somehow. Am I doing something wrong with the pem file? Commands I've used to create certificate(s): # openssl genrsa -out ftp.carrot.no.key 2048 # openssl req -new -key ftp.carrot.no.key -out ftp.carrot.no.csr *use csr to get certificate .crt* # cat ftp.carrot.no.crt ftp.carrot.no.key > ftp.carrot.no.pem Image of warning from FileZilla: http://img230.imageshack.us/img230/4786/20071126sslonftpcarrotnyf4.jpg Christopher Thorjussen Carrot Communications ASA _______________________________________________ rhelv5-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/rhelv5-list
