ProFTPd mod_tls.c configuration

[Xetoxyc]

Hi,

hab mir gerade eben einen FTP Server eingerichtet und ohne TLS funktioniert auch alles nur mit wirt er mit den fehler

GnuTLS error -9: A TLS packet with unexpected length was received

Hier meine mod_tls_c configuration:

#
# Proftpd sample configuration for FTPS connections.
#
# Note that FTPS impose some limitations in NAT traversing.
# See http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-TLS.html
# for more information.
#

<IfModule mod_tls.c>
TLSEngine                               on
TLSLog                                  /var/log/proftpd/tls.log
TLSProtocol                             SSLv23
#
# Server SSL certificate. You can generate a self-signed certificate using
# a command like:
#
# openssl req -x509 -newkey rsa:1024 \
#          -keyout /etc/ssl/private/proftpd.key -out /etc/ssl/certs/proftpd.crt \
#          -nodes -days 365
#
# The proftpd.key file must be readable by root only. The other file can be
# readable by anyone.
#
# chmod 0600 /etc/ssl/private/proftpd.key
# chmod 0640 /etc/ssl/private/proftpd.key
#
TLSRSACertificateFile                   /etc/ssl/certs/proftpd.crt
TLSRSACertificateKeyFile                /etc/ssl/private/proftpd.key
#
# CA the server trusts
#TLSCACertificateFile                    /etc/ssl/certs/CA.pem
# or avoid CA cert and be verbose
TLSOptions                             NoCertRequest
#
# Per default drop connection if client tries to start a renegotiate
# This is a fix for CVE-2009-3555 but could break some clients.
#
#TLSOptions                                                     AllowClientRenegotiations
#
# Authenticate clients that want to use FTP over TLS?
#
TLSVerifyClient                         off
#
# Are clients required to use FTP over TLS when talking to this server?
#
TLSRequired                             off
#
# Allow SSL/TLS renegotiations when the client requests them, but
# do not force the renegotations.  Some clients do not support
# SSL/TLS renegotiations; when mod_tls forces a renegotiation, these
# clients will close the data connection, or there will be a timeout
# on an idle data connection.
#
TLSRenegotiate                          none
</IfModule>

 

[Entilzha]

Kenne mich damit zwar nicht aus aber OpenSSL vorhanden, installiert und geladen? Für SSL/TLS brauchst du diese...

 

[Xetoxyc]

die cert files liegen im richtigen ordner und ich werd bei der anmeldung auch danach gefragt