Cerberus FTP Server can be configured to require clients to verify themselves using digital certificates for SSL/TLS connections. When given a Certificate Authority (CA) certificate list, Cerberus will verify that the client certificate is signed and valid for the given Certificate Authorities. Any FTPS or HTTPS connection attempts without a valid certificate will be denied when this option is selected.
For FTPS, FTPES & HTTPS Connections
Added Layer of Authentication Security
Additional Certificate Verification Options
- Certificate Revocation Lists: If the administrator specifies a CRL file, Cerberus will check the CRL file to make sure that the client certificate hasn’t been revoked.
- Post-Verification Client Certificate Checking: Cerberus can be configured to require the certificate Common Name (CN) to match the user’s username. If this option is enabled, and the client common name does not match the user’s username, then the connection request will be denied.
Creating Digital Certificates for Clients
Several tools for creating digital certificates currently exist. The OpenSSL command line tool provides a configurable option for generating SSL certificates that can be used for client certificate authentication.
Client Certificate Verification Resources:
Full Feature List
Cerberus FTP Server Editions
- FTP/S Server
- SOAP control API
- IP auto-banning
- User groups
- Web administration
- Virtual directories
$499 | 1 Yr Maintenance
- SFTP server
- AD/LDAP integration
- Public key authentication
- Client certificate verification
- Server replication
$899 | 1 Yr Maintenance
- MFT server
- HTTPS web client
- Event automation
- Email alerts
- File retention policies
- Ad-hoc sharing
$2,199 | 1 Yr Maintenance
Raved and Reviewed
Here’s what a few of our many satisfied customers have to say about Cerberus FTP Server.
“Our users have found Cerberus to be straightforward. We have handled many service tickets over the past three years, and Cerberus has had the least number of issues, by far.”
“We’ve been using Cerberus for at least five years, and it’s been awesome. Everything’s been very simple and easy, and we haven’t come across any limitations. It always just seems to work.”
“It’s not designed to be complicated, and it doesn’t need to be managed. I can hire someone new and they can be up to speed in minutes. Everyone on the team loves it.”
As part of our continuous effort to pursue security best practices, Cerberus FTP Server now issues a security warning when a RSA public key uses a weak, FIPS-invalid exponent. Once Cerberus moves to OpenSSL 3, if you have FIPS enabled and you have SFTP users with RSA...
Cerberus FTP is pleased to announce an update to our file extension management: the ability to set an allowed extension list! This feature allows administrators to restrict all file uploads except those with specific extensions. About the New Feature Cerberus FTP...
Critical Security Advisory A critical security issue has been identified in Cerberus FTP Server. We urge customers to download version 12.7.4 and upgrade as soon as possible. Scope All editions (Enterprise, Professional, Standard) of Cerberus FTP Server are...