How to monitor SSL Certificate of FTPS server?

How to monitor SSL Certificate of FTPS server?

Two modes to invoke client security in FTPS

1. Explicit mode
   
2. Implicit mode
   

Explicit mode (Default port 21) - This port shouldn't be used

1. In Explicit mode, an FTPS client must "explicitly request" security from an FTPS server by sending an FTP command "START SSL or START TLS" and then step up to a mutually agreed encryption method. If a client does not request security with the above command, the FTPS server can either allow the client to continue in insecure mode or refuse the connection.
   
2. From Applications Manager (i.e. FTPS client) we don't send such FTP command, hence the connection remains insecure and below error message is shown
1. "Host does not support (SSL)secured connection"

Implicit mode (Default port 990) - This port should be used

1.  In Implicit mode, an FTPS client can make direct SSL/TLS connection without any additional requests.
   
2. Port 990 can be used for monitoring FTPS server's SSL Certificate.

Note: Only port configured for Implicit mode (default port 990) can be used for monitoring FTPS server's SSL Certificate

• Related Articles

• LDAP - Unable to find valid SSL Certificate

  If there is an error while adding LDAP Server Monitor with the message "Unable to find valid SSL Certificate", then please try the below steps to troubleshoot the issue. When the error occurs we can find the below traces in the "stderr.txt.*" log ...

• Troubleshooting SSL Handshake Error

  SSL Handshake Error SSL Handshake error occurs when a secure connection cannot be established to the URL added for monitoring. Common reasons for it are wrong SSL protocol version, incompatible ciphers, and invalid/missing client-side certificate.  ...

• How to import certificates for monitoring DB2 Server with SSL authentication?

  By default, if you want to use self-signed certificates for SSL connection then the certificate generated by the DB2 server will be db2server.arm. But our AppManager doesn't support arm files. So it has to be renamed as the db2server.cer and then ...

• Troubleshooting URL Monitor

  Here are few of the common errors you may come across in URL monitor, we have mentioned the steps you can follow to troubleshoot them.   General troubleshooting for URL monitor Ensure that the URL is accessible from the server in which Applications ...

• How to import certificates for monitoring Postgres Server with SSL authentication?

  Error Message: The connection attempt failed! Reason: This error occurs when you are trying to add an SSL enabled server but the certificates which are used for SSL connection are not present in the cacerts. Solution:       To import certificates, ...