FTPS using Explicit TLS howto (Server)

From FileZilla Wiki
Jump to navigationJump to search

I can't believe I've been going for years woithut knowing that.

Configure with NAT

Please read the Network Configuration guide for instructions how to configure the server behind NAT devices.

Enable Explicit SSL/TLS

In the SSL/TLS settings menu check "allow Explicit SSL/TLS on normal connections." It is recommended to also check "Disallow plain unencrypted FTP" and "Force PROT P to encrypt file transfers in SSL/TLS mode". This will further enforce encryption policies; here PROT "P" is for "Private" as opposed to "C" for clear text. If you only want certain groups or users to have encryption you can set that up in the user or group editor. If there is data you still want available to the general public the "Force" setting should be disabled in the server settings menu, as you will need an FTP client rather than a web browser to access the FTP server. If using "PROT P - Private", the client may require a matching SSL setting or it may default to PROT C.

Setting up your FTP server in this way allows you to encrypt your data and login information without having to get 3rd party programs. With explicit SSL/TLS you will need a FTP client. Internet Explorer and Firefox don't support SSL/TLS without special plugins. FileZilla client supports FTPS both implicit (FTPS:// protocol), and explicit (FTPES://).

Retrieved from "https://wiki.filezilla-project.org/wiki/index.php?title=FTPS_using_Explicit_TLS_howto_(Server)&oldid=10258"