BBrayton
asked on
How to create Certificate for an FTP server.
Setting up Cerberus FTP server.
We have a user who wants a ftp server in his network.
I have created 4 or 5 CSR requests for a ssl certificates and all it creates is a domain.com cert.
I need it to create a ftp.domain.com cert.
No matter what I put in for the name of the cert it is always the same. domain.com
I created a DNS setting on my server to point ftp.domain.com to the ftp server and it does connect externally.
But when I connect it shows certificate error.
But when I connect to the ftp server it does show that im connecting with the ssl connection using TLSv1.2.
So the ssl sertificate is doing used but the cert name is only domain.com.
I'm guessing since the names don't match. That's why I'm receiving this error.
IS there a way to create a certificate with another name.
Would I have to create a wildcard or San Cert?
We have a user who wants a ftp server in his network.
I have created 4 or 5 CSR requests for a ssl certificates and all it creates is a domain.com cert.
I need it to create a ftp.domain.com cert.
No matter what I put in for the name of the cert it is always the same. domain.com
I created a DNS setting on my server to point ftp.domain.com to the ftp server and it does connect externally.
But when I connect it shows certificate error.
But when I connect to the ftp server it does show that im connecting with the ssl connection using TLSv1.2.
So the ssl sertificate is doing used but the cert name is only domain.com.
I'm guessing since the names don't match. That's why I'm receiving this error.
IS there a way to create a certificate with another name.
Would I have to create a wildcard or San Cert?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
What are you filling in for common name, ftp.domain.com?
But also, since you're allowing access from outside, you really shouldn't have a self signed certificate.
But also, since you're allowing access from outside, you really shouldn't have a self signed certificate.
ASKER
Yes the common name is ftp.domain.com.
I'm creating on godaddy.
I'm creating on godaddy.
That is very odd. Try contacting GoDaddy's support team. Somehow, I have an odd feeling you may end up having to do a wildcard cert, but that shouldn't be the case.
You asked, "How to create Certificate for an FTP server."
Normally you won't... because...
SFTP != SSL
Just install an SFTP server + you're done.
The easiest Linux SFTP server to install is MySecureShell, which installs a zero config SFTP server.
Normally you won't... because...
SFTP != SSL
Just install an SFTP server + you're done.
The easiest Linux SFTP server to install is MySecureShell, which installs a zero config SFTP server.
Just install an SFTP server + you're done.Not quite true. You'd still have to open port 22 on your firewall.
SFTP is simpler from a firewall aspect. Nor does it require an SSL certificate (David *is* right on that point). However, don't waste your time installing MySecureShell since you have Cerberus already. It supports FTPS (which is what you're struggling with right now) and SFTP (which is what David is suggesting).
Here's an article from Cerberus to help get you started if you want to switch to using SFTP instead:
https://support.cerberusft
masnrock is correct.
Anytime you run any type of code, you must open the related port.
For SSH/SFTP, you must open port 22.
Anytime you run any type of code, you must open the related port.
For SSH/SFTP, you must open port 22.
ASKER
Thanks for your help.
FTP server is working great.
FTP server is working great.
ASKER
its just a basic CSR utility.
Common Name:
Organization:
OU:
Address:
State , City, country
and that's all it allows you to put in.
no option to create FTP.domain.com cert
I put ftp.domain.com for common name and still it creates domain.com certificate