Resolved FTP secured connection (FTP over TLS/SSL) not possible (after Upgrade Debian 9 to 10)

[Coda666]

Server operating system version

Debian 10

Plesk version and microupdate number

18.0.44

I recently upgraded an older system 'Debian 9.13 + Plesk 18.0.44' to 'Debian 10.13 + Plesk 18.0.44'
Everything works fine but I cant't connect the server by secured FTP (FTP over TLS/SSL) which worked fine before updating the system.
Every customer was able to connect his webspace using the protocol 'ftp over tls/ssl' using the server-ip, username and password.

When I try to connect the webserver via secured FTP I get this result in '/var/log/plesk/ftp_tls.log':

mod_tls/2,9[24269]: TLS/TLS-C requested, starting TLS handshake
mod_tls/2,9[24269]: unable to accept TLS connection: protocol error: (1) error:14209102:SSL routines:tls_early_post_process_cliente_hello_unsupported protocol
mod_tls/2,9[24269]: TLS/TLS-C negotiation failed on control channel

At this moment I'm not able to enable a secured conection to the webspace. FTP without(!) TLS/SSL works fine. I backuped the etc- and usr-directories before the update.

Can anybody help to solve this problem? I just want to establish a secured ftp-connection for every single user.

Thanks in advance…

 

[Coda666]

I checked a possible connection with my terminal:

# openssl s_client -connect #MY-SERVER-IP#:21 -starttls ftp

…and we had a stable TLS 1.2 connection.

I figured out that /etc/ssl/openssl.cnf got some new lines:

[system_default_sect]
MinProtocol = TLSv1.2
CipherString = DEFAULT@SECLEVEL=2

So the lowest accepted TLS version is 1.2.

When I forced my FTP client editior to use TLS 1.2 instead the default one we had a stable connection like in the short terminal test above. That's all