VSFTP ssl config for Red Hat 5

Hi,

I'm trying to configure VSFTP on a Red Hat 5 server using our apache ssl certificates. When I try to connect with WinSCP and "SSL: Explicit encryption", I get an error that the server certificate is not known.

After googling this error and trying to understand why I'm getting this message, it seems that the issue is that the private key is not imported on the client side. Is that correct? That doesn't seem to work how I would have pictured it.

My config:

# Turn on SSL
ssl_enable=YES

# Allow anonymous users to use secured SSL connections
allow_anon_ssl=YES

# Disable SSL reuse
require_ssl_reuse=NO

# All non-anonymous logins are forced to use a secure SSL connection in order to
# send and receive data on data connections.
force_local_data_ssl=NO

# All non-anonymous logins are forced to use a secure SSL connection in order to send the password.
force_local_logins_ssl=NO

# Permit TLS v1 protocol connections. TLS v1 connections are preferred
ssl_tlsv1=YES

# Permit SSL v2 protocol connections. TLS v1 connections are preferred
ssl_sslv2=NO

# Permit SSL v3 protocol connections. TLS v1 connections are preferred
ssl_sslv3=NO

# Specifies the location of the RSA certificate to use for SSL encrypted connections
rsa_cert_file=/etc/vsftpd/combined3.crt
rsa_private_key_file=/etc/httpd/conf/ksiresearch_com.key

combined3.crt was the result of concatenating the server certificate file and the intermediate.crt certificate.

Thanks!
Charles
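
In the config posted above, force_local_logins_ssl and force_local_data_ssl are both set to NO, so TLS stays optional for local users even though the comments describe it as forced. The following is an added example, not part of the original post or of vsftpd: a small audit of those options, where the function names and rule set are illustrative and the defaults are the ones documented in vsftpd.conf(5).

```python
# Added example: flag vsftpd.conf TLS options that permit cleartext FTP.
# Defaults as documented in the vsftpd.conf(5) man page.
DEFAULTS = {"ssl_enable": "NO", "force_local_logins_ssl": "YES",
            "force_local_data_ssl": "YES", "ssl_sslv2": "NO", "ssl_sslv3": "NO"}

# option -> (boolean value that counts as a finding, why it matters)
RULES = {
    "force_local_logins_ssl": (False, "a client that skips AUTH TLS sends its password in cleartext"),
    "force_local_data_ssl": (False, "listings and file transfers may be unencrypted"),
    "ssl_sslv2": (True, "SSLv2 is obsolete"),
    "ssl_sslv3": (True, "SSLv3 is obsolete"),
}

def parse_conf(text):
    """Return (options, malformed_line_numbers) for vsftpd.conf text."""
    options, malformed = {}, []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        name, sep, value = line.partition("=")
        # vsftpd.conf(5): no space is allowed between option, '=' and value.
        if not sep or name != name.strip() or value != value.lstrip():
            malformed.append(lineno)
            continue
        options[name] = value.rstrip()
    return options, malformed

def is_yes(value):
    return value.upper() in ("YES", "TRUE", "1")

def audit(text):
    """Return a list of (option, reason) findings, using defaults for unset options."""
    options, malformed = parse_conf(text)
    effective = {**DEFAULTS, **options}
    findings = [("line %d" % n, "malformed option line") for n in malformed]
    if not is_yes(effective["ssl_enable"]):
        return findings + [("ssl_enable", "TLS is disabled; all traffic is cleartext")]
    for opt, (bad, why) in RULES.items():
        if is_yes(effective[opt]) == bad:
            findings.append((opt, why))
    return findings

# Constructed sample: the option values from the post above.
SAMPLE = ("ssl_enable=YES\nallow_anon_ssl=YES\nrequire_ssl_reuse=NO\n"
          "force_local_data_ssl=NO\nforce_local_logins_ssl=NO\n"
          "ssl_tlsv1=YES\nssl_sslv2=NO\nssl_sslv3=NO\n")

if __name__ == "__main__":
    for opt, why in audit(SAMPLE):
        print(opt + ": " + why)
```

Setting both force_local_* options to YES, or removing them so the defaults apply, clears the two findings this reports for the sample.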

Responses