Features > Access Protection > Client Certificate Verification
Cerberus FTP Server
Client Certificate Verification
Available in: Professional | Enterprise | Enterprise Plus
Cerberus FTP Server can be configured to require clients to verify themselves using digital certificates for SSL/TLS connections. When given a Certificate Authority (CA) certificate list, Cerberus will verify that the client certificate is signed and valid for the given Certificate Authorities. Any FTPS or HTTPS connection attempts without a valid certificate will be denied when this option is selected.

For FTPS, FTPES & HTTPS Connections

Added Layer of Authentication Security
Additional Certificate Verification Options
- Certificate Revocation Lists: If the administrator specifies a CRL file, Cerberus will check the CRL file to make sure that the client certificate hasn’t been revoked.
- Post-Verification Client Certificate Checking: Cerberus can be configured to require the certificate Common Name (CN) to match the user’s username. If this option is enabled, and the client common name does not match the user’s username, then the connection request will be denied.
Creating Digital Certificates for Clients
Several tools for creating digital certificates currently exist. The OpenSSL command line tool provides a configurable option for generating SSL certificates that can be used for client certificate authentication.
Client Certificate Verification Resources:
Full Feature List
Protocols
FTP, FTP/S, SFTP, SCP, HTTP/S
Transfer Security
SSH, SSL, FIPS 140-2
MFT Automation
Event, Alert & Sync Tools
Environment
Windows Server, Cloud & Virtual
Access Protection
IP, User & Protocol Restriction Tools
Account Management
AD, LDAP, 2FA, SSO & More
Auditing and Reporting
File Access, User and Admin Logging
Administration Tools
API, Sync Manager, & Other Tools
Industry Solutions
Cerberus FTP Server Editions
Professional
Secure file transfer server for Windows
- FTP, FTPS, SFTP & SCP
- IP access controls
- Groups & virtual directories
- Web admin & SOAP API
- AD/LDAP integration
- FIPS 140-2 encryption
- Server replication
- Phone & email support
$999 / year
Enterprise
Enhanced automation & security
- All Professional features
- HTTP/S web client
- Azure AD SSO support
- Event automation & alerts
- File retention policies
- Ad hoc file sharing
- Advanced stats & reporting
- Phone & email support
$2,499 / year

Enterprise Plus
Mission-critical performance & support
- All Enterprise features
- Scalable global solution
- 24/7/365 severity 1 support
- Rogue transfer detection
- Performance testing
- Automated network scanning
- Upgrade & migration support
- DR, test & dev licenses
$4,999 / year
Raved and Reviewed
Here’s what a few of our many satisfied customers have to say about Cerberus FTP Server.
“Our users have found Cerberus to be straightforward. We have handled many service tickets over the past three years, and Cerberus has had the least number of issues, by far.”
“We’ve been using Cerberus for at least five years, and it’s been awesome. Everything’s been very simple and easy, and we haven’t come across any limitations. It always just seems to work.”
“It’s not designed to be complicated, and it doesn’t need to be managed. I can hire someone new and they can be up to speed in minutes. Everyone on the team loves it.”
Latest News
New Feature Highlights in Cerberus FTP Server Version 13
In case you missed our earlier announcement, we released Cerberus FTP Server Version 13 on April 10th. In this post, we want to highlight some of the new features and benefits that administrators and users will enjoy. (Of course, you can always read the full release...
Cerberus FTP Server 13.0 Introduces Enhanced SSH Options
Continuing from our TLS enhancements introduced in Cerberus FTP Server 12.11, we are adding new key exchange and cipher options as shown in the screenshot below: Key Exchange Algorithms Version 13 adds Edwards Curves (x25519 and x448) to the supported list of KEXs....
Cerberus FTP Server 13.0 Introduces Single Sign-On Support
Single Sign-On (SSO) provides a seamless authentication experience to users, allowing them to log in once and access all authorized applications without the need to enter separate credentials. Security Assertion Markup Language (SAML) is a standard protocol for...