Mailing List Archive: ftpd and ssl

ftpd and ssl

Oct 25, 2004, 3:49 AM

Post #1 of 3 (219 views)

Greetings,

After emerge ftpd when I start it I get the following errors:

Error loading /etc/ssl/certs/ftpd.pem: 6743:error:02001002:system
library:fopen:No such file or
directory:bss_file.c:276:fopen('/etc/ssl/certs/ftpd.pem','r')
6743:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:278:
6743:error:140AD002:SSL routines:SSL_CTX_use_certificate_file:system
lib:ssl_rsa.c:515:

ftpd: SSLeay initialisation failed

Looking at some manuals I noticed I should create a certificate using
commands such as - cert-dummy.sh
I do not seem to have this command. How can I get this command?

--
Thanks.

David Harel,

==================================

Home office +972 4 6921986
Fax: +972 4 6921986
Cellular: +972 54 4534502
Snail Mail: Amuka
D.N Merom Hagalil
13802
Israel
Email: hareldvd@ergolight-sw.com

--
gentoo-user@gentoo.org mailing list

Re: ftpd and ssl [ In reply to ]

cgysin at gmx

Oct 25, 2004, 4:20 AM

Post #2 of 3 (228 views)

Permalink

David Harel wrote:
> Looking at some manuals I noticed I should create a certificate using
> commands such as - cert-dummy.sh I do not seem to have this command.
> How can I get this command?

Use openssl (man openssl) to create your certificate:

- generate RSA key
# openssl genrsa -out ftpd.key

- generate certificate signing request
# openssl req -new -key ftpd.key -out ftpd.pem

- self sign the certificate
# openssl x509 -req -in ftpd.pem -signkey ftpd.key -out ftpd.pem

Enter your details. Where it asks for your Name, enter the FQDN of your
host (host.domain.org). DO NOT enter a challenge password.

- cat the .key and the .pem together
# cat ftpd.{key,pem} > /etc/ssl/certs/ftpd.pem

Instead of selfsigning the cert, you could consider getting it signed by
http://www.cacert.org.

Christoph

--
echo mailto: NOSPAM !#$.'<*>'|sed 's. ..'|tr "<*> !#:2" org@fr33z3

--
gentoo-user@gentoo.org mailing list

Re: ftpd and ssl [ In reply to ]

hareldvd at ergolight-sw

Oct 25, 2004, 5:49 AM

Post #3 of 3 (222 views)

Permalink

Thanks for your elaborate reply. VERY HELPFUL

Christoph Gysin wrote:

> David Harel wrote:
>
>> Looking at some manuals I noticed I should create a certificate using
>> commands such as - cert-dummy.sh I do not seem to have this command.
>> How can I get this command?
>
>
> Use openssl (man openssl) to create your certificate:
>
> - generate RSA key
> # openssl genrsa -out ftpd.key
>
> - generate certificate signing request
> # openssl req -new -key ftpd.key -out ftpd.pem
>
> - self sign the certificate
> # openssl x509 -req -in ftpd.pem -signkey ftpd.key -out ftpd.pem
>
> Enter your details. Where it asks for your Name, enter the FQDN of
> your host (host.domain.org). DO NOT enter a challenge password.
>
> - cat the .key and the .pem together
> # cat ftpd.{key,pem} > /etc/ssl/certs/ftpd.pem
>
> Instead of selfsigning the cert, you could consider getting it signed
> by http://www.cacert.org.
>
> Christoph
>

--
Thanks.

David Harel,

==================================

Home office +972 4 6921986
Fax: +972 4 6921986
Cellular: +972 54 4534502
Snail Mail: Amuka
D.N Merom Hagalil
13802
Israel
Email: hareldvd@ergolight-sw.com

--
gentoo-user@gentoo.org mailing list