Quote:
Originally Posted by Prodigy
@UltraFine
I think there is a confustion about NO_SSLv2 and others setting which should be belong into "OpenSSL_Options"
From the ioFTPD.ini
Added some logic check to accommodate unknown "Encryption_Protocol", instead of crashing, ioFTPD just put an error log mentioning "Unknown Encryption_Protocol Option" and running without any TLS or SSL until ioFTPD's "Encryption_Protocol" being fixed and ioFTPD also get restarted.
|
yes. 7.7.7.40005 works with this configuration. It generates a new certificate. The Debug file gets around 90kb in size:
ioftpd.ini
Code:
;Certificate_Name = ioFTPD
Create_Certificate = True
Explicit_Encryption = True
Encryption_Protocol = TLS1.2
OpenSSL_Options = NO_SSLv2 | NO_SSLv3
OpenSSL_Ciphers = DEFAULT:!LOW:!EXPORT
Min_Cipher_Strength = 128
Max_Cipher_Strength = 256
Error.log
Code:
01-03-2019 12:55:38 tszEncryptionProtocol : 'TLS1.2'.
01-03-2019 12:55:38 Method : TLSv1_2_server_method()
01-03-2019 12:55:38 tszEncryptionProtocol : 'TLS1.2'.
01-03-2019 12:55:38 Method : TLSv1_2_server_method()
01-03-2019 12:56:43 tszEncryptionProtocol : 'TLS1.2'.
01-03-2019 12:56:43 Method : TLSv1_2_server_method()
01-03-2019 12:56:43 Unknown option (NO_SSLv2 ) in OpenSSL_Options for service 'FTP_Service'.
01-03-2019 12:56:43 Unknown option ( NO_SSLv3) in OpenSSL_Options for service 'FTP_Service'.
I have two questions:
1) What are the valid options for "OpenSSL_Options" besides "ALL"?
2) Why does it write "tszEncryptionProtocol : 'TLS1.2'." and "Method : TLSv1_2_server_method()" into the log? Is it an error? Because a write into the error.log indicates an "Error" to me. So if it is not an error, why does this show up in the error.log?