I recently setup a vsftpd 2.2.2 server running on Ubuntu Server 10.04 LTS that required SSL connections for the login and data transfer, however I wasn’t able to get the commercial SSL certificate from Comodo (InstantSSL) to work with the service. The vsftpd daemon would start, but the client connections would fail.
It turns out the the problem is that Comodo certificates require the installation of a root and intermediate certificate for the issued certificate to work. Now that I know that, thanks to this knowledge base article it’s easy to fix. Here’s how to fix it on your server.
Download the Comodo bundle
sudo wget http://www.instantssl.com/ssl-certificate-support/cert_installation/bundle.crt -O ~/instantssl.crt
Concatenate certificates
sudo cat _your SSL certificate from Comodo_ ~/instantssl.crt >> ~/vsftpd.pem
Now configure your vsftpd.conf file to point to this new .pem file and restart the vsftpd service. Connections should now be using the valid certificate.
No comments:
Post a Comment