2.4 Beta 1 fails with AUTH TLS

Home Forums BETA Report a Bug 2.4 Beta 1 fails with AUTH TLS

  • This topic is empty.
Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • #29150
    krisweir
    Participant

    Testing 2.4 Beta 1 with CuteFTP 7.1 client – setting type to “FTP with SSL” (AUTH SSL – Explicit) on port 21 works fine. For which, many thanks, Grant!

    If type is set to “FTP with TLS” (AUTH TLS – Explicit) Cerberus does accept the AUTH TLS command but then fails during negotiation.

    Error on Cerberus Server reads: SSL-accept error: a failure in the SSL library occurred – usually a protocol error: non sslv2 initial packet.

    I have tried with and without using SSL certificate from the client when authenticating – no change. I don’t think this is supported at present anyway (?)

    Since TLS is going to be the way of the future, it would be nice to make it work. Any ideas?

    Grant – I assume that in the official release it will be possible to set Cerberus to *require* a secure connection? At present the client can choose security level, which I don’t trust!

    #33656
    st970742
    Participant

    Hey I also tried to use the SSL. I turned it on from the cerberus server and then tried to conect with CORE FTP. If I set core to SSL it works fine, but if I set core to not use SSL, it still conects to cerberus even though I set up the server to use SSL.

    Maybe the SSL option is not for requiring SSL, but only turns the feature on. Either way I think there should be an option to require SSL conections.

    I’ve been through all the options to set cerberus to require an SSL conection, but haven’t found anything that works. If anyone can think of anything I’m not doing, please let me know.

    #33657
    imported_Serin
    Participant

    Hello,

    The BETA version doesn’t have an option to require SSL. I can put that in the release version.

    #33658
    st970742
    Participant

    Hey Serin

    Thanks for your reply. The requiring SSL option would be cool.

    Otherwise I’ve been using the program more, and it seems when I login using the SSL mode, it doesn’t show all the files that are present on my server. It shows the files in the first folder that I open, but then if I try to go down the directory tree by opening a folder, it doesn’t show me anything that’s in that folder. The only files in my sub folders are more sub folders and .html and .htm . However, I found that if I do a search for the files by name they can be found.

    I think this is limited to the SSL connections because when I tried to conect without SSL, I can see all the files without any problem.

    Again, I’m using Core FTP as my client incase the problem is limited for some reason to that client only.

    #33659
    krisweir
    Participant

    Thanks for the reply Grant.

    Would it be possible to set the SSL-requirement on a per-user basis in your final release? This would be ideal, as not many of my user accounts have access to confidential material, so encryption would only be required for a select few. (And it’s hard enough trying to explain to most users about folder-view and passive-mode on i.e. without getting them all to use a client that supports SSL! – and run it from PCs and MACs…)

    Any thoughts on the TLS authentication problem?

    #33660
    imported_Serin
    Participant

    The new BETA now supports SSLv3 and TLSv1. Should solve your problems.

    #33661
    krisweir
    Participant

    Thanks Grant!

    You mention in the release notes that there now is an option to require SSL/TLS control and data protection. Where? I can’t find it!

    #33662
    imported_Serin
    Participant

    The option is interface dependent. Check the interfaces tab of the server manager.

Viewing 8 posts - 1 through 8 (of 8 total)
  • The forum ‘Report a Bug’ is closed to new topics and replies.
Close Cart

Shopping Cart