Ssl
為 FTP 配置 SSL
我們正在使我們的網站符合 PCI 標準。我們面臨的漏洞之一如下。
Description: SSL Version 2 (v2) Protocol Detection (for ftp) Synopsis: The remote service encrypts traffic using a protocol with known weaknesses. Resolution: Purchase or generate a proper certificate for this service.另一個如下(程序又是FTP)
Description: SSL Certificate Cannot Be Trusted Synopsis: The SSL certificate for this service cannot be trusted. Resolution: Purchase or generate a proper certificate for this service.經過研究,我認為我們需要為 FTP 購買 SSL 證書。現在我有一些問題
1) When I try to purchase an SSL certificate for FTP there is no option for SSL certificate specific for FTP. So which should we buy? I know this might depend on my security company (like Thwate, Verisign etc..) but if possible then can someone give an example? 2) Our site does have HTTP SSL and it is installed perfectly and working perfectly so will the same certificate (HTTP SSL Certificate) work for FTP too?? 3) Which should we configure here, FTPS or SFTP?
**1)**你可以購買一個 Webserver 證書,它可以工作。
**2)**如果CN(blog.domain.com)相同,就可以了。
3) FTPS和SFTP不一樣:
- FTPS 是基於 SSL/TLS 的 FTP。
- SFTP 是基於 SSH 的 FTP。
在您的情況下,它是 FTP(S)。