LinuxQuestions.org
Help answer threads with 0 replies.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 09-14-2017, 10:01 AM   #1
Ladowny
Member
 
Registered: Oct 2006
Distribution: Debian, OpenBSD, FreeBSD
Posts: 31

Rep: Reputation: 0
pure-ftpd with TLS and LetsEncrypt certificate


Hi

I'm trying to use LetsEncrypt certificate with my pure-ftpd server and can't firure one thing out.
One of the howtos says to edit the file
/etc/pure-ftpd/pure-ftpd.conf
adding
Code:
TLSCipherSuite           HIGH
CertFile                 /etc/ssl/private/pure-ftpd.pem
I think this is the default location, but my LetsEncrypt certs are in /etc/letsencrypt/live/mydomain.com/fullchain.pem and I don't have /etc/pure-ftpd/pure-ftpd.conf config file

In my

Code:
/etc/pure-ftpd# l
total 32K
drwxr-xr-x   5 root root 4.0K Jun 11  2016 ./
drwxr-xr-x 127 root root  12K Sep 11 16:52 ../
drwxr-xr-x   2 root root 4.0K Jun 11  2016 auth/
drwxr-xr-x   2 root root 4.0K Sep 14 15:39 conf/
drwxr-xr-x   2 root root 4.0K Jun 11  2016 db/
-rw-r--r--   1 root root  230 Feb 25  2015 pureftpd-dir-aliases
/etc/pure-ftpd# l conf/
total 64K
drwxr-xr-x 2 root root 4.0K Sep 14 15:39 ./
drwxr-xr-x 5 root root 4.0K Jun 11  2016 ../
-rw-r--r-- 1 root root   36 Feb 25  2015 AltLog
-rw-r--r-- 1 root root    4 Jun 11  2016 BrokenClientsCompatibility
-rw-r--r-- 1 root root    4 Jun 11  2016 ChrootEveryone
-rw-r--r-- 1 root root    4 Jun 11  2016 DisplayDotFiles
-rw-r--r-- 1 root root    4 Jun 11  2016 DontResolve
-rw-r--r-- 1 root root    6 Feb 25  2015 FSCharset
-rw-r--r-- 1 root root    5 Feb 25  2015 MinUID
-rw-r--r-- 1 root root   29 Feb 25  2015 MySQLConfigFile
-rw-r--r-- 1 root root    4 Feb 25  2015 NoAnonymous
-rw-r--r-- 1 root root    4 Feb 25  2015 PAMAuthentication
-rw-r--r-- 1 root root   28 Feb 25  2015 PureDB
-rw-r--r-- 1 root root    2 Jun 11  2016 TLS
-rw-r--r-- 1 root root   18 Feb 25  2015 TLSCipherSuite
-rw-r--r-- 1 root root    3 Feb 25  2015 UnixAuthentication
I enable TLS with
Code:
echo 1 > /etc/pure-ftpd/conf/TLS
I know I could set up a cronjob copying my certificate to /etc/ssl/private/pure-ftpd.pem, but is there a way to specify different cert location ?
 
Old 09-14-2017, 11:52 AM   #2
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,505

Rep: Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769
Quote:
I know I could set up a cronjob copying my certificate to /etc/ssl/private/pure-ftpd.pem, but is there a way to specify different cert location ?
No need for a cronjob. Sure you can specify a different path for the CertFile.
Or you can create a symlink from /etc/letsencrypt/live/mydomain.com/fullchain.pem to /etc/ssl/private/pure-ftpd.pem

Regards
 
Old 09-17-2017, 10:13 AM   #3
Ladowny
Member
 
Registered: Oct 2006
Distribution: Debian, OpenBSD, FreeBSD
Posts: 31

Original Poster
Rep: Reputation: 0
Thanks, creating a symlink may be a good workaround, however /etc/letsencrypt/live/mydomain.com/fullchain.pem is a symlink alredy.
I'd rather specify a different path for the CertFile, but how do I do that ?

Don't have /etc/pure-ftpd/pure-ftpd.conf file. Tried just creating a file called "CertFile" in /etc/pure-ftpd/conf/ but got this error "pure-ftpd-mysql[12335]: Starting ftp server: /usr/sbin/pure-ftpd-wrapper: Invalid configuration file /etc/pure-ftpd/conf/CertFile: No corresponding directive"
 
Old 09-17-2017, 12:30 PM   #4
bathory
LQ Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 12,505

Rep: Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769Reputation: 1769
Quote:
Originally Posted by Ladowny View Post
Thanks, creating a symlink may be a good workaround, however /etc/letsencrypt/live/mydomain.com/fullchain.pem is a symlink alredy.
I'd rather specify a different path for the CertFile, but how do I do that ?

Don't have /etc/pure-ftpd/pure-ftpd.conf file. Tried just creating a file called "CertFile" in /etc/pure-ftpd/conf/ but got this error "pure-ftpd-mysql[12335]: Starting ftp server: /usr/sbin/pure-ftpd-wrapper: Invalid configuration file /etc/pure-ftpd/conf/CertFile: No corresponding directive"
I.m afraid the symlinmk is your only way to go, unless you want to re-compile pure-ftpd
According to the documentation, the certificate location is given at compile time.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: How to Install Pure-FTPd with TLS and virtual users on OpenSUSE Leap 42.1 LXer Syndicated Linux News 0 07-26-2016 09:48 PM
unable to connect to ftp server(pure-ftpd) with ssl/tls enabled rtz Linux - Networking 2 11-24-2014 03:21 PM
pure-ftpd, passive mode, tls sedlis Linux - Software 0 10-23-2013 04:44 PM
Pure-authd not passing variables to pure-ftpd welshdemon Linux - Software 1 02-11-2011 04:47 PM
pure-ftpd-mysql activates pure-ftpd zvikamer Linux - Software 2 03-01-2008 12:11 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 03:18 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration