Hello,
I'm running ioftpd 6.4.3.
I have an official company certificate and need to implement ioftpd as a service (as we need a FTPS only site for some customers)
From the KB (
http://www.flashfxp.com/pages/en.ioftpd-kb.php) i can see how to create and install a certificate in this case but I would need to use the official one (from digicert if that matters)
Thanks for your help
Smirnoff
In case of for the lazy among us:
Q: How can I install a SSL certificate from ioFTPD running as a service ?
A: This will allow you to use SSL with an ioFTPD server installed as a service running as LOCAL SERVICE account.
First, make sure you have those two variables in your etc\ioftpd.env:
SYSTEMDRIVE=%[environment(SYSTEMDRIVE)]
SYSTEMROOT=%[environment(SYSTEMROOT)]
- Restart ioFTPD if you had to change your ioftpd.env.
- (Optional) Install ioFTPD as a service (see here). You should not use the "Log on as This account" option in the service options.
- Disable all SSL functions (simply commenting the Certificate_Name lines would do).
- Place the makecert.exe & certmgr.exe in a directory that you can access from your FTP. Both executables can be downloaded directly from Microsoft (choose the x86 link).
- Create a .bat file in the same directory, which would contain:
makecert.exe -r -n "CN=YOUR_CERT_NAME_HERE" -b 01/01/2004 -e 01/01/2006 -eku 1.3.6.1.5.5.7.3.1 -ss my -sr CurrentUser -a sha1 -sk YOUR_CERT_NAME_HERE -sky exchange -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12
- Login your FTP and execute your .bat file through a SITE EXEC command:
SITE EXEC your.bat
This will create AND install the certificate. It will be automatically added to the certificate store. You won't get any .cer file.
- Re-enable SSL in ioFTPD.ini (use YOUR_CERT_NAME_HERE in your configuration) and restart ioFTPD.exe.
ioftpd as a service - how to configure an official certificate
Threaded Mode