PageRenderTime 88ms CodeModel.GetById 44ms app.highlight 0ms RepoModel.GetById 23ms app.codeStats 1ms

/proftpd/tls.conf

http://github.com/brinkman83/bashrc
Config | 56 lines | 54 code | 2 blank | 0 comment | 0 complexity | 83257800e3cabcc7bf600680384b8ba4 MD5 | raw file
 1#
 2# Proftpd sample configuration for FTPS connections.
 3#
 4# Note that FTPS impose some limitations in NAT traversing.
 5# See http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-TLS.html
 6# for more information.
 7#
 8
 9<IfModule mod_tls.c>
10#TLSEngine                               on
11#TLSLog                                  /var/log/proftpd/tls.log
12#TLSProtocol                             SSLv23
13#
14# Server SSL certificate. You can generate a self-signed certificate using 
15# a command like:
16#
17# openssl req -x509 -newkey rsa:1024 \
18#          -keyout /etc/ssl/private/proftpd.key -out /etc/ssl/certs/proftpd.crt \
19#          -nodes -days 365
20#
21# The proftpd.key file must be readable by root only. The other file can be
22# readable by anyone.
23#
24# chmod 0600 /etc/ssl/private/proftpd.key 
25# chmod 0640 /etc/ssl/private/proftpd.key
26# 
27#TLSRSACertificateFile                   /etc/ssl/certs/proftpd.crt
28#TLSRSACertificateKeyFile                /etc/ssl/private/proftpd.key
29#
30# CA the server trusts
31#TLSCACertificateFile 			 /etc/ssl/certs/CA.pem
32# or avoid CA cert and be verbose
33#TLSOptions                             NoCertRequest EnableDiags 
34#
35# Per default drop connection if client tries to start a renegotiate
36# This is a fix for CVE-2009-3555 but could break some clients.
37#
38#TLSOptions 							AllowClientRenegotiations
39#
40# Authenticate clients that want to use FTP over TLS?
41#
42#TLSVerifyClient                         off
43#
44# Are clients required to use FTP over TLS when talking to this server?
45#
46#TLSRequired                             on
47#
48# Allow SSL/TLS renegotiations when the client requests them, but
49# do not force the renegotations.  Some clients do not support
50# SSL/TLS renegotiations; when mod_tls forces a renegotiation, these
51# clients will close the data connection, or there will be a timeout
52# on an idle data connection.
53#
54#TLSRenegotiate                          required off
55</IfModule>
56