Documentation forServ-U File Server

SSL Certificate

Some FTPS servers require that the end user supply an SSL certificate to authenticate themselves as a trusted host, in a process referred to as "mutual authentication" that goes beyond simply providing a username and a password. FTP Voyager supports mutual authentication via SSL certificates.

To configure FTP Voyager with an SSL certificate at the global level, configure it in the Tools | Connection | SSL Certificate menu. To configure it for a specific FTPS Site Profile (more common), configure it from the Site Profile Manager, in the Advanced properties for the site. If configuring the certificate at the site level, first change the Use Global Settings to Use These Settings, and then configure the certificate.

You must override the setting below to begin using the SSL Certificate page for this site profile:

Use Global Settings
Select Use these settings to override the settings that are defined in the SSL Certificate category within the Options dialog.

Options pertaining to this page are described below:

Use certificate Select this to provide a certificate that FTP Voyager uses to connect to this site.
Certificate The path to the OpenSSL-style (.crt) certificate to be used by FTP Voyager.
Private Key All certificates are protected by a private key that prevents use by unauthorized third parties. Specify the private key file (.key) here.
CA (Certificate Authority) Certificate Path (optional) Some certificate authorities require that a "trust chain" be established that involves more than one certificate file. If required by your CA, specify the Intermediate Certificate (.pem) here.
Use Private Key Password Oftentimes, a private key will be further protected by a password. If required, enable this option and specify the password within the Password and Confirm Password fields.

FTP Voyager supports the creation of SSL certificates using the OpenSSL package. This allows for the creation of a certificate which can then be sent to the FTP server for configuration. New SSL certificates require the following information:

Certificate Set Name Cosmetic only, the name that will be applied to the created files.
Output Path The folder in which to save the created files.
City/Town The city or town where the SSL certificate will be used, or the city/town of the business creating the certificate.
Organization The business or individual creating the certificate.
State/Province The state or province creating the certificate (like WI for Wisconsin USA, or MB for Manitoba, Canada).
Common Name The most important part of the certificate. The Common Name must be either the domain name which resolves to the IP address of the host (the client running FTP Voyager, in this case) or the IP address of the host if it is fixed and will never change.
Country The two-letter country code for the certificate, like US for the United States, or FR for France.
Unit The business unit responsible for the certificate, like IT or Accounting.
Password/Confirm Password The password used to protect the private key file.
Key Length The key length securing the certificate and private key. 4196-bit keys are supported for higher encryption, but sacrifice performance. Lower 1024-bit keys are supported for faster speed, but lower security.