How to monitor SSL Certificate of FTPS server?
To monitor the SSL certificate of an FTPS server, Implicit mode is the recommended method. In this mode, the connection is automatically encrypted as soon as the client connects, making it ideal for monitoring SSL certificates.
Implicit Mode (Default Port: 990)
Overview: In Implicit FTPS mode, the client initiates an SSL/TLS connection immediately upon connecting to port 990. There is no need for an explicit STARTTLS or AUTH TLS command, as encryption is enabled automatically.
Monitoring SSL Certificate: For monitoring the SSL certificate of an FTPS server, you should use Implicit mode on port 990.
Why Not Explicit Mode (Default Port: 21)?
Explicit mode (typically using port 21) requires the client to explicitly request encryption by sending the appropriate FTP command (e.g., STARTTLS). Since this command is not automatically triggered by Applications Manager, an insecure connection may result, or the connection may fail altogether.

Notes
- Use Implicit mode (port 990) for SSL certificate monitoring.
- Explicit mode (port 21) does not automatically initiate encryption and may not be suitable for reliable certificate monitoring.
New to ADSelfService Plus?
Related Articles
LDAP - Unable to find valid SSL Certificate
If there is an error while adding LDAP Server Monitor with the message "Unable to find valid SSL Certificate", then please try the below steps to troubleshoot the issue. When the error occurs we can find the below traces in the "stderr.txt.*" log ...
Mail Server Monitor - Troubleshooting
Common Mail Server Monitor Errors and Troubleshooting Guide 1. Unknown Host Error Description: This error occurs when the mail client cannot resolve the hostname of the mail server to an IP address. The issue typically arises from DNS resolution ...
Troubleshooting SSL Handshake Error
An SSL Handshake error typically occurs when a secure connection cannot be established due to issues like incompatible SSL protocol versions, ciphers or missing client certificates. Verify URL Accessibility Ensure that the URL you’re monitoring is ...
How to import certificates for monitoring DB2 Server with SSL authentication?
By default, if you want to use self-signed certificates for SSL connection then the certificate generated by the DB2 server will be db2server.arm. But our AppManager doesn't support arm files. So it has to be renamed as the db2server.cer and then ...
How to import certificates for monitoring Oracle database with SSL authentication?
For users using Applications Manager version 14250 and below: One-way SSL: (Client authentication disabled) 1. Open the command prompt using 'Run as administrator' option and navigate to the Applications Manager installation directory. 2. Import your ...