--===============0851790634==
Content-Language: en
Content-Type: multipart/alternative;
boundary="_000_C40365ED13215anoopbhatinterpubliccom_"

--_000_C40365ED13215anoopbhatinterpubliccom_
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Hi,

I just setup a server with a godaddy cert. The config is below. Copied from=
castaglia.org. I was using cyberduck to connect to the server and I get pr=
ompted to accept the cert every time I connect (unless I accept it permanen=
tly into my keychain).

Since this is a cert from a real CA and not a home made cert, should I be g=
etting this prompt? Perhaps I'm doing something wrong in the configs. I ass=
umed the godaddy intermediate cert is the CA that my server trusts.

I can provide a screenshot if needed from cyberduck.


TLSEngine on
TLSLog /var/log/tls.log
TLSProtocol SSLv23

# Are clients required to use FTP over TLS when talking to this server?
TLSRequired off

# Server's certificate
TLSRSACertificateFile /etc/httpd/conf/ssl.crt/server.crt
TLSRSACertificateKeyFile /etc/httpd/conf/ssl.key/server.key

# CA the server trusts
TLSCACertificateFile /etc/httpd/conf/ssl.crt/gd_intermediate_bundle.crt=
..pem

# Authenticate clients that want to use FTP over TLS?
TLSVerifyClient off

# Allow SSL/TLS renegotiations when the client requests them, but
# do not force the renegotations. Some clients do not support
# SSL/TLS renegotiations; when mod_tls forces a renegotiation, these
# clients will close the data connection, or there will be a timeout
# on an idle data connection.
TLSRenegotiate required off



Many Thanks

Anoop


This message contains information which may be confidential and privileged.
Unless you are the intended recipient (or authorized to receive this message
for the intended recipient), you may not use, copy, disseminate or disclose=
to
anyone the message or any information contained in the message. If you have
received the message in error, please advise the sender by reply e-mail, and
delete the message. Thank you very much.
(A)

--_000_C40365ED13215anoopbhatinterpubliccom_
Content-Type: text/html; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable



Prompt to accept cert


YLE=3D'font-size:11pt'>Hi,



I just setup a server with a godaddy cert. The config is below. Copied from=
castaglia.org. I was using cyberduck to connect to the server and I get pr=
ompted to accept the cert every time I connect (unless I accept it permanen=
tly into my keychain).



Since this is a cert from a real CA and not a home made cert, should I be g=
etting this prompt? Perhaps I’m doing something wrong in the configs.=
I assumed the godaddy intermediate cert is the CA that my server trusts. <=
BR>


I can provide a screenshot if needed from cyberduck.



 <IfModule mod_tls.c>

    TLSEngine on

    TLSLog /var/log/tls.log

    TLSProtocol SSLv23



    # Are clients required to use FTP over TLS when tal=
king to this server?

    TLSRequired off



    # Server's certificate

    TLSRSACertificateFile /etc/httpd/conf/ssl.crt/serve=
r.crt

    TLSRSACertificateKeyFile /etc/httpd/conf/ssl.key/se=
rver.key



    # CA the server trusts

    TLSCACertificateFile /etc/httpd/conf/ssl.crt/gd_int=
ermediate_bundle.crt.pem



    # Authenticate clients that want to use FTP over TL=
S?

    TLSVerifyClient off



    # Allow SSL/TLS renegotiations when the client requ=
ests them, but

    # do not force the renegotations.  Some client=
s do not support

    # SSL/TLS renegotiations; when mod_tls forces a ren=
egotiation, these

    # clients will close the data connection, or there =
will be a timeout

    # on an idle data connection.

    TLSRenegotiate required off



  </IfModule>



Many Thanks



Anoop




This message contains information which may be confidential and privileged.
Unless you are the intended recipient (or authorized to receive this message
for the intended recipient), you may not use, copy, disseminate or disclose=
to
anyone the message or any information contained in the message. If you have
received the message in error, please advise the sender by reply e-mail, and
delete the message. Thank you very much.
(A)




--_000_C40365ED13215anoopbhatinterpubliccom_--



--===============0851790634==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
--===============0851790634==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
ProFTPD Users List
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
--===============0851790634==--