Not all FTP servers that support SSL connections do so correctly or in strict compliance to proposed or approved standards.
Various FTP over SSL implementations have been proposed over the last few years. Most do not conform with RFC–2228 or are at odds with the latest IETF (Internet Engineering Task Force) drafts.
Typical Implementations:
Implicit TLS/SSL—SSL connection over a dedicated port (990) registered with the IANA. This approach, while quite common, is not favored by the IETF and is not supported by CuteFTP Mac.
Explicit "AUTH SSL"—SSL connection over a standard port (21) using “AUTH SSL” or “AUTH TLS-P” to negotiate the protection mechanism. AUTH TLS-P implicitly sets the protection mechanism and is therefore in direct disagreement with RFC 2228. CuteFTP Mac does support AUTH SSL, and subsequently sets the protection mechanism explicitly using the PROT command and its approved arguments.
Explicit “AUTH TLS”—SSL v3.1 connection over a standard port (21) and explicitly setting the protection mechanism. This is the version that best adheres to RFC 2228 and is favored by the IETF in its latest FTP over SSL draft (draft-murray-auth-ftp-tls-13.txt). This version is supported by CuteFTP Mac.
|
|
|
To view which OpenSSL version you are running, in a Mac terminal, type:
OpenSSL <enter>
version <enter>
To establish an SSL session
Create a new site in the Site Manager
In the Security list, click FTPS (SSL FTP).
Click Connect.
If you are having difficulty connecting to your FTP server over SSL, refer to the checklist below for help:
Not all FTP servers support secure FTP connections using SSL. Check with your server administrator before you attempt to connect securely.
Verify the port being used. Some servers require that SSL connections use a dedicated port other than port 21.
Verify that the server isn't requiring a client certificate, as CuteFTP Mac does not provide one.
Does the server you are connecting to support SSL v3.1 (AUTH TLS) or a properly implemented version of AUTH SSL?
