<div>
Hi Allan,<br />
<br />
I use <a href="https://letsencrypt.org/" rel="ugc">https://letsencrypt.org/</a> for all my certificates (including Wildcard ones). Your certificate, if you take it from a valid certification authority(Let's Encrypt is one) then you don't have to install it on your client's machine. In case, you are self-signing i.e. generating your own certificate, on your own server then yes it has to be put in to the trusted certificates store.<br />
<br />
You can use any of the tools available at <a href="https://letsencrypt.org/docs/client-options/" rel="ugc">https://letsencrypt.org/do<wbr />cs/client-<wbr />options/</a> to generate/manage your certificates. <br />
<br />
Regards,<br />
Chinmay.
</div>


Allan_Fernandes

<div>
As Chinmay said, use LetsEncrypt...<br />
<br />
And... There's no requirement for an SSL cert to fix your problem.<br />
<br />
1) You can't run FTP over HTTPS without some serious proxy code at the server end.<br />
<br />
Likely you've never done this before, because... the complexity... well, this is why hardly anyone does this.<br />
<br />
2) Just run SFTP (port 22), which requires no SSL cert.<br />
<br />
Describe more about what you're trying to accomplish... files you'll be transferring... likely someone can provide you with an HTTPS solution.<br />
<br />
3) Also I think you have a slight misunderstanding about how FTP + HTTPS + Certs work.<br />
<br />
An SSL cert (really TLS cert, as SSL has been deprecated for years) is associated with a host or domain or wildcard space.<br />
<br />
SSL certs as such only cover the IP(s) returned from a DNS lookup for a host/domain.<br />
<br />
You can't *&quot;distribute my certificates while deploying my Application&quot;* or better said you can include any files you like + including cert files will have no effect as...<br />
<br />
<b>Certs cover servers, not clients.</b><br />
<br />
Maybe you've confused SSH key files with SSL certs. These are two different beasts.<br />
<br />
If you'd like to include an SSH key file with your application, for SFTP use, you can + this becomes massively tricky too.<br />
<br />
You'll have to include an empty passphrase key, as having a passphrase key will require you keep the passphrase in clear text somewhere in your app, so having a passphrase serves no function.<br />
<br />
Then anyone with your SSH/SFTP key can access a client's data on your server anytime they like.<br />
<br />
Describe your application in detail + likely someone can assist.<br />
<br />
If your application or data is sensitive, then hire someone who does this work daily (hard core, bi directional, secure data flow).
</div>


<div>
I have developed a backup Application which communicates across machines with FTP protocol. <br />
FTP Servers are listening on the Destination machine, Ftp Clients on the others. The Application with FTP Server is being killed by the AntiVirus.<br />
Therefore I considered moving my application to &nbsp;HTTPS. <br />
On Destination machine I will have a HTTPS Server Running and Clients machines will Send and Receive files via with HTTP Client component.<br />
After your advice I have checked the SFTP protocol and <a href="https://www.devart.com/sbridge/" rel="ugc">https://www.devart.com/sbridge/</a>&nbsp;seems to have what I need.<br />
Was hoping the components would be Free.
</div>


<div>
1) The ports I am using in my Test Applications are the standard ports yet upon Listening the Firewall asks Allow/Block ?<br />
<br />
2) Difference with FTP Server was that Antivirus terminated the program with error message. All others Servers including SFTP it is asking Block/Allow. This is manageable as per customer I will have just 1 or 2 Destination machines (Listening Servers)<br />
<br />
3) I have yet to study SFTP and SSH further. From the looks of it seems that it handles it's own key generation logic ?<br />
<br />
4) A big Thank You for all the support you are giving. I wish I had got this kind of advice earlier. I Ran my application using Raw Sockets all this while and had to do a lot of coding,
</div>


<div>
i have a little disagreement on the line<br />
<br />

<blockquote>
<br />
Certs cover servers, not clients.
</blockquote>
<br />
There is a client side authentication using certificates, its just that it is so complex and difficult to maintain, that people just don't do it unless there is a very strong need for it. But I have seen people doing it (many times).<br />
<br />
All the best with your implementation.<br />
<br />
Regards,<br />
Chinmay.
</div>


<div>
<div class="content wysiwyg-content">
I want to move from FTP to HTTPS due to Firewalls being nasty to FTP.<br />
For HTTPS I will need a SSL Certificate. <br />
&nbsp; &nbsp;Can I get free valid certificates anywhere ?<br />
&nbsp; &nbsp;Should I distribute my certificates while deploying my Application ?<br />
I use Delphi (ICS HTTPS component) and my application runs on Win OS.<br />
I have developed a backup application which is installed on every machine of my customers.<br />
The HTTP Server will only be installed on the Destination machines and monitoring machine.
</div>
</div>


I want to move from FTP to HTTPS due to Firewalls being nasty to FTP.
For HTTPS I will need a SSL Certificate. 
   Can I get free valid certificates anywhere ?
   Should I distribute my certificates while deploying my Application ?
I use Delphi (ICS HTTPS component) and my application runs on Win OS.
I have developed a backup application which is installed on every machine of my customers.
The HTTP Server will only be installed on the Destination machines and monitoring machine.

SSL Certificates for my distributable HTTPS server

Delphi is the most powerful Object Pascal IDE and component library for cross-platform Native App Development with flexible Cloud services and broad IoT connectivity. It provides powerful VCL controls for Windows 10 and enables FMX development for Windows, Mac and Mobile. Delphi is your choice for ultrafast Enterprise Strong Development™. Look for increased memory for large projects, extended multi-monitor support, improved Object Inspector and much more. Delphi is 5x faster for development and deployment across multiple desktop, mobile, cloud and database platforms including 32-bit and 64-bit Windows 10.

Delphi

Operating systems perform basic tasks, such as recognizing input from the keyboard, sending output to the display screen, keeping track of files and directories on the disk, and controlling peripheral devices such as disk drives and printers. For large systems, the operating system makes sure that different programs and users running at the same time do not interfere with each other. The operating system is also responsible for security, ensuring that unauthorized users do not access the system. Operating systems provide a software platform on top of which other programs, called application programs, can run.

Operating Systems

HTTPS is a protocol for secure communication over a computer network which is widely used on the Internet. HTTPS consists of communication over Hypertext Transfer Protocol (HTTP) within a connection encrypted by Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL). The main motivation for HTTPS is authentication of the visited website and to protect the privacy and integrity of the exchanged data. HTTPS is widely used for protecting page authenticity on all types of websites, securing accounts and keeping user communications, identity and web browsing private.