• Plesk Uservoice will be deprecated by October. Moving forward, all product feature requests and improvement suggestions will be managed through our new platform Plesk Productboard.
    To continue sharing your ideas and feedback, please visit features.plesk.com

Resolved FTP secured connection (FTP over TLS/SSL) not possible (after Upgrade Debian 9 to 10)

Coda666

New Pleskian
Server operating system version
Debian 10
Plesk version and microupdate number
18.0.44
I recently upgraded an older system 'Debian 9.13 + Plesk 18.0.44' to 'Debian 10.13 + Plesk 18.0.44'
Everything works fine but I cant't connect the server by secured FTP (FTP over TLS/SSL) which worked fine before updating the system.
Every customer was able to connect his webspace using the protocol 'ftp over tls/ssl' using the server-ip, username and password.

When I try to connect the webserver via secured FTP I get this result in '/var/log/plesk/ftp_tls.log':

mod_tls/2,9[24269]: TLS/TLS-C requested, starting TLS handshake
mod_tls/2,9[24269]: unable to accept TLS connection: protocol error: (1) error:14209102:SSL routines:tls_early_post_process_cliente_hello_unsupported protocol
mod_tls/2,9[24269]: TLS/TLS-C negotiation failed on control channel

At this moment I'm not able to enable a secured conection to the webspace. FTP without(!) TLS/SSL works fine. I backuped the etc- and usr-directories before the update.

Can anybody help to solve this problem? I just want to establish a secured ftp-connection for every single user.

Thanks in advance…
 
I checked a possible connection with my terminal:
Code:
# openssl s_client -connect #MY-SERVER-IP#:21 -starttls ftp
…and we had a stable TLS 1.2 connection.

I figured out that /etc/ssl/openssl.cnf got some new lines:
Code:
[system_default_sect]
MinProtocol = TLSv1.2
CipherString = DEFAULT@SECLEVEL=2

So the lowest accepted TLS version is 1.2.

When I forced my FTP client editior to use TLS 1.2 instead the default one we had a stable connection like in the short terminal test above. That's all :p
 
Back
Top