OVH Community, your new community space.

proFTPD TLS doesn't work!!


rootifera
08-02-2015, 14:07
Hello,

I think this will be a late reply but I'm writing it anyway.

Did you see this document?

http://www.proftpd.org/docs/contrib/mod_tls.html

I couldn't see TLSCACertificateFile in your configuration and the log output is matching with the problem.

If neither TLSCACertificateFile nor TLSCACertificatePath are specified, the following message will appear in the TLSLog:

using default OpenSSL verification locations (see $SSL_CERT_DIR)

mamphp
14-12-2014, 02:53
with 104 views without any answer, Why u have a forum or support?
For fun?

mamphp
23-11-2014, 18:21
Hello,
On my VPS server with you, have debian 7 64bit. Now installed proFTPD to create an ftp server. Configuration is done, but something is wrong, that's why i'm her to ask you.
MODE_TLS is activated as you see:
Code:
 proftpd -vv | grep tls
  mod_tls/2.4.3
and tls.conf is created under /etc/proftpd/conf.d/tls.conf with this config:
Code:

        TLSEngine on
        TLSLog /var/log/proftpd/tls.log
        TLSProtocol TLSv1
        TLSRSACertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
        TLSRSACertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
        TLSVerifyClient off
        TLSRequired on
but TLS can't connect and work correctly. And it's no ftp connection!!
Code:
tail -20 /var/log/proftpd/tls.log
Nov 23 15:31:50 mod_tls/2.4.3[23559]: SSL/TLS required but absent on control channel, denying  command
Nov 23 15:32:31 mod_tls/2.4.3[23559]: SSL/TLS required but absent on control channel, denying  command
Nov 23 15:33:21 mod_tls/2.4.3[23562]: using default OpenSSL verification locations (see $SSL_CERT_DIR environment variable)
Nov 23 15:33:21 mod_tls/2.4.3[23562]: SSL/TLS required but absent for authentication, denying USER command
Nov 23 15:33:26 mod_tls/2.4.3[23563]: using default OpenSSL verification locations (see $SSL_CERT_DIR environment variable)
Nov 23 15:33:27 mod_tls/2.4.3[23563]: SSL/TLS required but absent for authentication, denying USER command
Nov 23 15:33:32 mod_tls/2.4.3[23564]: using default OpenSSL verification locations (see $SSL_CERT_DIR environment variable)
Nov 23 15:33:32 mod_tls/2.4.3[23564]: SSL/TLS required but absent for authentication, denying USER command
Nov 23 15:33:37 mod_tls/2.4.3[23565]: using default OpenSSL verification locations (see $SSL_CERT_DIR environment variable)
Nov 23 15:33:37 mod_tls/2.4.3[23565]: SSL/TLS required but absent for authentication, denying USER command
Nov 23 15:36:09 mod_tls/2.4.3[23570]: using default OpenSSL verification locations (see $SSL_CERT_DIR environment variable)
Nov 23 15:36:09 mod_tls/2.4.3[23570]: SSL/TLS required but absent for authentication, denying USER command
Nov 23 15:36:14 mod_tls/2.4.3[23571]: using default OpenSSL verification locations (see $SSL_CERT_DIR environment variable)
Nov 23 15:36:14 mod_tls/2.4.3[23571]: SSL/TLS required but absent for authentication, denying USER command
Nov 23 15:37:05 mod_tls/2.4.3[23572]: using default OpenSSL verification locations (see $SSL_CERT_DIR environment variable)
Nov 23 15:37:15 mod_tls/2.4.3[23572]: SSL/TLS required but absent for authentication, denying USER command
Nov 23 15:37:39 mod_tls/2.4.3[23573]: using default OpenSSL verification locations (see $SSL_CERT_DIR environment variable)
Nov 23 15:37:42 mod_tls/2.4.3[23573]: SSL/TLS required but absent for authentication, denying USER command
Nov 23 15:38:39 mod_tls/2.4.3[23574]: using default OpenSSL verification locations (see $SSL_CERT_DIR environment variable)
Nov 23 15:40:33 mod_tls/2.4.3[23574]: SSL/TLS required but absent for authentication, denying USER command
her the connection details:
ncftp> open -u ftpuser vps116866.ovh.net
Connecting to 37.187.224.187...
ProFTPD 1.3.4a Server (Debian) [37.187.224.187]
SSL/TLS required on the control channel
Sleeping 20 seconds...
Thanks in advance