Using Secure Sockets Layer to secure the File Transfer Protocol server

 

With Secure Sockets Layer (SSL) you can eliminate the exposure of transmitting passwords and data in the clear when using the File Transfer Protocol (FTP) server with an FTP client that also uses SSL.

The FTP server provides enhanced security while sending and receiving files over a untrusted network. FTP server uses SSL to secure passwords and other sensitive data during an information exchange. The FTP server supports either SSL or TLS protected sessions, including client authentication and automatic sign-on.

Most SSL-enabled applications connect a client to separate TCP ports, one port for unprotected sessions and the other for secure sessions. However, secure FTP is a bit more flexible. A client can connect to a nonencrypted TCP port (typically TCP port 21), and then negotiate authentication and encryption options. A client can also choose a secure FTP port (typically TCP port 990), where connections are assumed to be SSL. The FTP server provides both of these options.

Before you configure the FTP server to use SSL, install the prerequisite programs and set up digital certificates on your system.

Create a local certificate authority (CA) or use Digital Certificate Manager (DCM) to configure the FTP server to use a public certificate for SSL.

 

Parent topic:

Securing File Transfer Protocol

Related concepts
Secure Sockets Layer (SSL) SSL concepts Prerequisite programs Securing FTP clients with Transport Layer Security or Secure Sockets Layer

Related tasks
Setting up digital certificates Using a public certificate