Introduction

FTP (file transfer protocol) is a popular way to transfer files between your computer and a remote computer.

In this article, we will install and configure vsftpd to use SSL certificates on a CentOS .

Prerequisites

VSFTPD installed (How to install vs ftpd centos vps)

Configuring SSL with VSFTPD in CentOS

First, we will make the directory where the SSL certificate keys will be stored.

mkdir /etc/ssl/certificates

Next, we will create the 2048 encryption key that will last for 365 days.

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/certificates/vsftpd.pem -out /etc/ssl/certificates/vsftpd.pem

After creating the key, we will need to change some parameters in the default vsftpd configuration file. I will be using nano command again for the text editor.

nano /etc/vsftpd/vsftpd.conf

You will be adding the paths for the rsa_cert_file and rsa_private_key and adding some others to the bottom of this file. The file should look like this at the bottom afterwards:

rsa_cert_file=/etc/ssl/certificates/vsftpd.pem rsa_private_key_file=/etc/ssl/certificates/vsftpd.pem ssl_enable=YES allow_anon_ssl=NO force_local_data_ssl=YES force_local_logins_ssl=YES ssl_tlsv1=YES ssl_sslv2=NO ssl_sslv3=NO require_ssl_reuse=NO ssl_ciphers=HIGH

Save and close the file. Restart vsftpd with the command below:

service vsftpd restart

Now we can connect to the server using SSL/TLS encryption with Filezilla.

Open Filezilla, Go to File>Site Manager. Click on New Site. Make sure to choose “Require explicit FTP over TLS” for the Encryption type.

Sample Filezilla: Site manager

Filezilla: Site manager

Once you click on connect, you will be prompted with the window below to accept the unknown certificate.

Certificate Warning

Certificate Warning

Now you are connected to your server with SSL/TLS encryption!

Check back for more updates from Atlantic.Net, or learn more about our VPS hosting options.