Skip to main content
  1. Posts/

Add SSL/TLS support to proftpd

·81 words·1 min·
Ftp Security

To enable SSL/TLS support in proftpd, add the following to the proftpd.conf file:

<IfModule mod_tls.c>
    TLSEngine on
    TLSLog /var/ftpd/tls.log
    TLSRequired off
    TLSRSACertificateFile /usr/share/ssl/certs/server.crt
    TLSRSACertificateKeyFile /usr/share/ssl/private/server.key
    TLSCACertificateFile /usr/share/ssl/certs/cacert.crt
    TLSVerifyClient off
    TLSRenegotiate required off
</IfModule>

To require SSL/TLS on all connections, change TLSRequired to on. Of course, replace the certificate, key, and CA certificate (if applicable) to the correct files on your system.

Once you’re all done, close your FTP connection and make a new one. There is no need to restart xinetd.