# ftp-tls: Failed TLS negotiation



## rblon (Mar 25, 2011)

I have installed ftp/pure-ftpd with TLS support. I created a certificate as explained in this how-to.

When I approach the server from a Windows machine with the FileZilla client using "FTP over TLS (explicit encryption)", I get an "Accept certificate?" window, and when I accept, it works all fine.

When I approach the server from a FreeBSD machine with the ftp client (so without TLS) it works fine as well.

However, when I approach the server from the same FreeBSD machine with the ftp/ftp-tls client, I get:


```
WARNING: Server's certificate is self signed.
WARNING: Errors while verifying the server's certificate chain, continue? (Y/N)
```

and after inputting "Y", I get


```
...
Failed TLS negotiation on control channel, disconnected
```

Any idea what is going on? Does ftp-tls require any configuration?


----------



## rblon (Mar 25, 2011)

I have now also installed ftp/lftp and that works fine as well with encryption.

When connecting with ftp-tls, I see the following in the server log:


```
Mar 25 13:30:17 srv2 pure-ftpd: (?@192.168.1.84) [INFO] New connection from 192.168.1.84
Mar 25 13:30:17 srv2 pure-ftpd: (?@192.168.1.84) [INFO] SSL/TLS: Enabled TLSv1/SSLv3 with DHE-RSA-AES256-SHA, 256 secret bits cipher
```

and after pressing "Y" in the client:


```
Mar 25 13:30:31 srv2 pure-ftpd: (?@192.168.1.84) [INFO] Logout.
```


----------

