Tag Archives: SSL

FTP SSL configuration

Posted by on September 1, 2011 No comments

In today’s world with hackers everywhere it is important to keep interaction over the internet as secure as possible.

One function used for almost every website is FTP (File Transfer Protocol) that everybody owning a website uses at least indirectly.
Sadly FTP by default sends the username/password in clear text over the internet for any hacker to read it out.

Today I would like to show you how to enable FTP-SSL on a widely used FTP Program – Filezilla.
Enabling FTP SSL will encrypt the transfer of your username and password.

  • Start Filezilla as usual and edit your site via the SiteManager.

    Open the SiteManager to enable FTP SSL

    Open the SiteManager to enable FTP SSL

  • Next, click on the Site you would like to enable FTP-SSL for.
  • On the General Tab look for the DropDown “Encryption”
  • Choose “Require explicit FTP over TLS”

    Setup FTP SSL encryption

    Choose Require explicit FTP over SSL

That was it!

Now your FTP password will no longer be sent un-encrypted over the internet.

Some of you might receiveĀ  an error after performing this step.
This can be due to your website using a dedicated IP address for example.
However, just contact our support team they will give you a different FTP Hostname which will solve the problem.

 

 

How to convert a IIS SSL certificate and Apache private Key into a PFX Certificate.

Posted by on August 15, 2011 No comments

How to convert a IIS SSL certificate and Apache private Key into a PFX Certificate.

So, you are in the unlikely situation of have an OpenSSL private key and a IIS PCB7 Certificate from a certificate Authority.
You would like to install these two in IIS.
Of course after an hour of trying to figure it out you will notice that it simply can not be done.
You need to perform some conversions to turn the .cer and .key into an .pfx file.
These are the steps:

  • First convert the issued certificate from the CA (its in the format of P7B mostly ending in .cer) into a pem file.
openssl pkcs7 -print_certs -in domainname.cer -out domainname.pem
  • Next, convert the pem certificate and the private key into the PFX cert.
openssl pkcs12 -export -out domainname.pfx -inkey private.key -in domainname.pem
  • The resulting domainname.pfx file can now be imported via the certificate MMC snap-in (Local Computer Account).
  • Once imported, just open the Website properties -> Directory Security Tab -> Server Certificate -> Assign an existing certificate.
  • Voila, you have just created and installed a pfx certificate from an PEM private Key and a P7B Certificate.

One last tip, if you ever have odd issues with a site not responding with an SSL certificate installed. Download and install Microsofts SSLDiag tool. It works great!