sftpd: No available certificate or key corresponds to the SSL cipher suites which are enabled?
Posted
by Arcturus
on Super User
See other posts from Super User
or by Arcturus
Published on 2010-04-03T12:54:17Z
Indexed on
2010/04/03
13:03 UTC
Read the original article
Hit count: 670
Hello.
I'm trying to setup vsftpd on Fedora 12. I need to require use of FTPS, and for now need to use a self-signed SSL certificate.
I managed to get the vsftpd service running and to connect as my user. I can list the home directory, but as soon as I try to list another directory, download or upload a file, I get this error:
No available certificate or key corresponds to
the SSL cipher suites which are enabled.
And the xfer log is empty.
I've been Googling it for a while now, but still can't understand the problem.
Here's how I installed vsftpd:
su
yum install vsftpd
chkconfig vsftpd on
service vsftpd start
I tried to generate the certificate in two ways. Here's the first one:
cd /etc/vsftpd
openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout vsftpd.pem -out vsftpd.pem
Here's the second way:
cd /etc/pki/tls/certs
make vsftpd.pem
Here's my vsftpd configuration:
anonymous_enable=NO
local_enable=YES
write_enable=YES
local_umask=022
dirmessage_enable=YES
xferlog_enable=YES
connect_from_port_20=YES
xferlog_file=/var/log/vsftpd.log
xferlog_std_format=YES
nopriv_user=ftpsecure
chroot_local_user=YES
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd/chroot_list
listen=YES
pam_service_name=vsftpd
userlist_enable=YES
tcp_wrappers=YES
# SSL settings
ssl_enable=YES
force_local_data_ssl=YES
force_local_logins_ssl=YES
rsa_cert_file=/etc/pki/tls/certs/vsftpd.pem
allow_anon_ssl=NO
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
Does anyone know what the problem is and how to solve it?
© Super User or respective owner