# proftpd and TLS/SSL doesn't seem to work



## k1piee (Mar 2, 2012)

Hi,

I have been going at this for a couple of hours now and I can't find a solution. I've compiled ftp/proftd from ports with TLS enabled; it compiles just fine but when I try to configure TLS/SSL it won't work properly.

This is what I added to proftpd.conf:


```
<IfModule mod_tls.c>
    TLSEngine on
    TLSLog /var/log/ftp/tls.log
    TLSProtocol SSLv3 TLSv1

    TLSRequired off

    TLSRSACertificateFile /etc/ssl/ftp/ftp.server.com.crt
    TLSRSACertificateKeyFile /etc/ssl/ftp/ftp.server.com.key
    TLSCACertificateFile /etc/ssl/ftp/gs_root.pem
    TLSVerifyClient off
</IfModule>
```

The certificate is from RapidSSL and I have two other certificates configured on both www/apache22 and mail/dovecot2 and they work just fine.

I can restart proftpd and it won't give me any errors but it won't let me login with either TLS or SSL. I tried to remove the <IfModule> tags and then it said 
	
	



```
unknown configuration directive 'TLSEngine'
```

So to me it sounds like TLS isn't really compiled properly even though it didn't give me any errors.
Has anyone else had this problem or do you see an obvious mistake I made?


Thanks,
-Patric


----------



## k1piee (Mar 2, 2012)

Forgot to mention that I get this message when connecting:


```
[R] 220 ProFTPD 1.3.4a Server (FTP Server)
[R] AUTH TLS
[R] 500 AUTH not understood
[R] Failed SSL/TLS negotiation, disconnected
```


----------



## Quip (Mar 4, 2012)

I think you need to read /usr/ports/UPDATING:



> ```
> 20120126:
> AFFECTS: users of ftp/proftpd and ftp/proftpd-mysql
> 
> ...


----------



## k1piee (Mar 5, 2012)

Quip said:
			
		

> I think you need to read /usr/ports/UPDATING:



I feel so stupid for not thinking about reading that. Thanks a lot, that made the trick!


----------

