WU-FTPD 2.6.1 Release Notes (5900-2465, September 2012)

FTP_SSL_CA_FILE Specifies the CA certificate.

FTP_SSL_CA_PATH Specifies the pathname for CA certificate.

FTP_SSL_CRL_FILE Specifies the CRL file location for the FTP client.

FTP_SSL_CRL_PATH Specifies the CRL file pathname.

FTP_TLS_PASSWD Specifies the password to decrypt the PEM key file(s).

NOTE: For information on the default values, see the ftp(1) manpage.

Alternatively, you can also create a script that contains all the export commands and

another script that contains all the unset commands:

Following are sample entries in a script that contains the export commands:

FTP_USESSL=1

FTP_SSL_MODE=secure

FTP_SSL_VERIFY_MODE=1

FTP_SSL_DEBUG_MODE=2

FTP_SSL_NOFALLBACK=1

FTP_SSL_PROT=1

FTP_SSL_FILE_MODE=pem

FTP_SSL_RANDFILE=/dev/urandom

FTP_SSL_LOGFILE=/tmp/ssl.log

FTP_SSL_CONFIG_FILE=flist.txt

FTP_SSL_CERT_FILE=/home/SSL/CERTS/client-cert.pem

FTP_SSL_DSACERT_FILE=/home/SSL/CERTS/dsaclient-cert.pem

FTP_SSL_KEYT_FILE=/home/SSL/CERTS/server-key.pem

FTP_SSL_DSAKEY_FILE=/home/SSL/CERTS/dsaclient-key

FTP_SSL_CA_FILE=/home/SSL/CERTS/ca-cert.pem

• Using the Configuration File

You can include all the environment variables in a configuration file and invoke FTP as

follows:

# ftp -z config=config_filename server_name

• Using the Command Line

ftp -z debug=2 -z secure -z logfile=/tmp/ssl.log -z\

CAfile=/var/opt/ftp/CA-Certs/ca-cert.pem -z \

CApath=/var/opt/ftp/CA-Certs/ -z\

rsacert=/var/opt/ftp/CA-Certs/client-cert.pem -z\

rsakey=/var/opt/ftp/CA-Certs/client-key.pem server_name

Basic Configuration for secured file transfer

This section discusses the basic configuration required for secured file transfer in an FTP server and

client.

To configure secured file transfer in an FTP server, complete the following steps:

1. Generate the following certificates and key using HP-UX OpenSSL with the procedure discussed

in “Generating certificates and keys using OpenSSL 0.9.7m” (page 7):

WU-FTPD 2.6.1 features 13