I installed OpenSSL 0.9.8d as suggested and copied the two .dll files to the TC7 program folder. However, the two commands to convert the rootcerts.p7b file to PEM format didn't work. I executed the commands in a DOS command prompt and I got no confirmation after executing the commands, and no .PEM file appeared.
HOWEVER, it didn't seem to matter! I created a certificate within Filezilla Server (.crt file in the Filezilla folder), and that's all I needed... I seemed to be able to connect via SSL/TLS! Here's the log when I connect via my regular port (private cert details are obscured by asterisks):
So is this connection (both authentication & data-stream) actually encrypted? Did I do it properly? It's weird that it works without a rootcert.pem file (as per Christian's instructions). ALSO, I'm connecting via my regular port that I configured in Filezilla Server (port 1010).
----------
Connect to: (01/21/2007 7:29:12 PM)
hostname=localhost:1010
username=admin
startdir=
localhost=127.0.0.1
220 -=Connected=-
AUTH TLS
234 Using authentication type TLS
Cert subject: /CN=****/C=01/ST=British Columbia/L=Vancouver/O=****/OU=**/emailAddress=guest@host.com
Cert issuer: /CN=****/C=01/ST=British Columbia/L=Vancouver/O=****/OU=**/emailAddress=guest@host.com
USER admin
331 Password required for admin
PASS ***********
230 Logged on
SYST
215 UNIX emulated by FileZilla
FEAT
211-Features:
MDTM
REST STREAM
SIZE
MLST type*;size*;modify*;
MLSD
AUTH SSL
AUTH TLS
UTF8
CLNT
211 End
PBSZ 0
200 PBSZ=0
PROT P
200 Protection level set to P
Connect ok!
PWD
257 "/" is current directory.
Get directory
TYPE A
200 Type set to A
PASV
227 Entering Passive Mode (127,0,0,1,19,141)
LIST
150 Connection accepted
Download
Waiting for server...
226 Transfer OK
In Filezilla Server I also configured a port for which it will listen for SSL/TLS-only connections. If I connect via this port (999), it also seems to work:
So it works on both my regular server port (1010), and my port specified to listen for SSL/TLS connections (999)... without a rootcert.pem file. The only difference seems to be that when connecting via my regular port (1010), it explicitly says "using authentication type TLS".
----------
Connect to: (01/21/2007 7:34:48 PM)
hostname=localhost:999
username=admin
startdir=
localhost=127.0.0.1
Cert subject: /CN=****/C=01/ST=British Columbia/L=Vancouver/O=****/OU=****/emailAddress=guest@host.com
Cert issuer: /CN=****/C=01/ST=British Columbia/L=Vancouver/O=****/OU=****/emailAddress=guest@host.com
220 -=Connected=-
USER admin
331 Password required for admin
PASS ***********
230 Logged on
SYST
215 UNIX emulated by FileZilla
FEAT
211-Features:
MDTM
REST STREAM
SIZE
MLST type*;size*;modify*;
MLSD
AUTH SSL
AUTH TLS
UTF8
CLNT
211 End
PBSZ 0
200 PBSZ=0
PROT P
200 Protection level set to P
Connect ok!
PWD
257 "/" is current directory.
Get directory
TYPE A
200 Type set to A
PASV
227 Entering Passive Mode (127,0,0,1,19,142)
LIST
150 Connection accepted
Download
Waiting for server...
226 Transfer OK
Is everything working properly? Can somebody who knows more about this stuff confirm that I did this correctly? Thanks.
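An added example, not part of the original post: a small Python checker that reads a session log in the client format shown above and reports whether login followed the TLS handshake, whether `PROT P` was accepted before the first data transfer, and whether the certificate's issuer equals its subject. The function name `analyze`, the sample log, and the rule that a certificate line appearing without a preceding `AUTH` command means implicit TLS are assumptions made for this illustration.

```python
import re

# Constructed sample in the client-log format shown in the post (explicit FTPS).
EXPLICIT = """220 -=Connected=-
AUTH TLS
234 Using authentication type TLS
Cert subject: /CN=demo
Cert issuer: /CN=demo
USER admin
FEAT
211-Features:
MLSD
211 End
PROT P
200 Protection level set to P
LIST
226 Transfer OK"""
TRANSFER = re.compile(r"(LIST|NLST|MLSD|RETR|STOR|APPE)\b")

def analyze(log):
    """Report what a session log shows about control- and data-channel protection."""
    r = {"mode": "plaintext", "login_after_tls": False,
         "data_protected": None, "self_signed": None}
    tls = prot_p = False
    subject, last_cmd, multiline = None, "", None
    for line in filter(None, (l.strip() for l in log.splitlines())):
        if multiline:  # inside "211-" ... "211 End": feature names, not commands
            if line.startswith(multiline + " "):
                multiline = None
            continue
        reply = re.match(r"(\d{3})([ -])", line)
        if reply and reply.group(2) == "-":
            multiline = reply.group(1)
        elif reply:
            if reply.group(1) == "234" and last_cmd.startswith("AUTH"):
                tls, r["mode"] = True, "explicit"
            elif reply.group(1) == "200" and last_cmd == "PROT P":
                prot_p = True
        elif line.startswith("Cert subject:"):
            if not tls:  # assumption: handshake with no AUTH command = implicit TLS
                tls, r["mode"] = True, "implicit"
            subject = line.split(":", 1)[1].strip()
        elif line.startswith("Cert issuer:"):
            # issuer == subject: self-signed, so no CA vouches for the server
            r["self_signed"] = line.split(":", 1)[1].strip() == subject
        else:
            last_cmd = line
            if line.startswith("USER "):
                r["login_after_tls"] = tls
            elif TRANSFER.match(line) and r["data_protected"] is not False:
                r["data_protected"] = tls and prot_p  # False once any transfer is bare
    return r
```

A result with `self_signed` set to `True` means the channel is encrypted but the server's identity is not anchored to a CA, so the client has to pin or manually check that certificate to rule out an interposed endpoint.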