[Proftpd-user] VIRTUALHOST: TLS-Connection ?

Discussion:

matthias hoerl

2004-07-01 14:15:03 UTC

hi all ( my first mail to you *gg)

my problem how do i learn a virtual host accepting tls connections?
the main server on 21 accepts it but not the virtual on 9000.
should the tls settings within global or what else ?

excuse my exciting englisch i am better in reading it than writing

mfg matthew

a part of my config
...
....
#################################################### TLS - Secure
connections
TLSEngine on
TLSLog /var/log/tls.log
TLSProtocol SSLv23
TLSOptions NoCertRequest

### Are clients required to use FTP over TLS when talking to this server?
TLSRequired on

### Server's certificate
TLSRSACertificateFile /etc/proftpd/server.cert.pem
TLSRSACertificateKeyFile /etc/proftpd/server.key.pem

### Authenticate clients that want to use FTP over TLS?
TLSVerifyClient off

<Global>
DisplayLogin /etc/proftpd/welcome.msg
AllowForeignAddress on
PassivePorts 60000 60050
### Logging
# file/dir access
ExtendedLog /var/spool/proftpd/access.log WRITE,READ
write
# Record all logins
ExtendedLog /var/spool/proftpd/auth.log AUTH auth
</Global>

<VirtualHost ***.***.***.***>
Port 9000 # as an example
DefaultRoot /var/ftp
</VirtualHost>

TJ Saunders

2004-07-01 16:36:13 UTC

Permalink

Post by matthias hoerl
my problem how do i learn a virtual host accepting tls connections?

First, you probably should read the Vhost mini-howto:

http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-Vhost.html

Then, read the Debugging howto to see how to configure proftpd for
debugging output:

http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-Debugging.html

Between the server debugging output and a TLSLog, you should be able to
see why your client is having trouble connecting to your <VirtualHost>.

Cheers,
TJ

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Do not underestimate one's capacity for self-delusion.

-TJ Saunders

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Matus UHLAR - fantomas

2004-07-02 06:45:02 UTC

Permalink

Post by matthias hoerl
my problem how do i learn a virtual host accepting tls connections?
the main server on 21 accepts it but not the virtual on 9000.
should the tls settings within global or what else ?

putting TLSEngine option to <Global> section should help.
note that the "main server config" should contaion either options that
apply to whole server, or options that should apply only to default
server (that is not covered by <VirtualHost> sections).

other options that you want to be active on all virtual servers you have
to put into <Global> section. You should check all used options, in what
context are they used and move some to <Global>.

I know this it not very easy to configure and iirc TJ Agreed with it,
however this is the currrent situation you have to accept ;-)

Another thing is that proftpd does not support the TLS port... you have to
connect to normal FTP port and then negotiate TLS.

--
Matus UHLAR - fantomas, ***@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
WinError #99999: Out of error messages.