In the administration interface, connect to EFT Server and click the Server tab.
In the left pane, click the Server node that you want to configure.
In the right pane, click the Security tab.
In the SSL Compatibility area, specify the SSL version to use:
-
If you want to allow the user to use any compatible SSL version, click Auto Negotiable (selected by default).
-
If you want to force a particular version (TLS 1.0, SSL 2.0, or SSL 3.0), select it, and only that version will be allowed. If you select Defined, TLS 1.0 is automatically selected, because at least one SSL version must be defined. If you attempt to clear the last remaining check box, an error message appears to remind you that at least one version must be selected.
In the Select from list box, select the check box of one or more Allowed ciphers to use or manually specify the ciphers. At least one cipher must be specified.
|
|
Only advanced users should manually specify ciphers. |
Click the Priority arrows to arrange the ciphers in top-down priority. If more than one approved cipher is specified, and the connecting client has in its list one or more ciphers that are also on EFT Server’s approved list, EFT Server will select and use the cipher based on ordering (priority) shown in the list box.
In the FTPS Protocol Specific area, check the Allow Clear Command Channel (CCC) for FTPS connections and/or Allow unprotected data channel (PROT C) for FTPS connections, as needed. Users that attempt CCC or Prot-C must receive the appropriate FTP error code if not permitted by EFT Server. The client must then retry using protected command or data channels to connect.
Click Apply to save the changes to EFT Server.