How to monitor SSL Certificate of FTPS server?
Two modes to invoke client security in FTPS
- Explicit mode
- Implicit mode
Explicit mode (Default port 21) - This port shouldn't be used
- In Explicit mode, an FTPS client must "explicitly request" security from an FTPS server by sending an FTP command "START SSL or START TLS" and then step up to a mutually agreed encryption method. If a client does not request security with the above command, the FTPS server can either allow the client to continue in insecure mode or refuse the connection.
- From Applications Manager (i.e. FTPS client) we don't send such FTP command, hence the connection remains insecure and below error message is shown
- "Host does not support (SSL)secured connection"
Implicit mode (Default port 990) - This port should be used
- In Implicit mode, an FTPS client can make direct SSL/TLS connection without any additional requests.
- Port 990 can be used for monitoring FTPS server's SSL Certificate.
Note: Only port configured for Implicit mode (default port 990) can be used for monitoring FTPS server's SSL Certificate
New to ADSelfService Plus?
Related Articles
LDAP - Unable to find valid SSL Certificate
If there is an error while adding LDAP Server Monitor with the message "Unable to find valid SSL Certificate", then please try the below steps to troubleshoot the issue. When the error occurs we can find the below traces in the "stderr.txt.*" log ...
Mail Server Monitor - Troubleshooting
Common Mail Server Monitor Errors and Troubleshooting Guide 1. Unknown Host Error Description: This error occurs when the mail client cannot resolve the hostname of the mail server to an IP address. The issue typically arises from DNS resolution ...
Troubleshooting SSL Handshake Error
SSL Handshake Error SSL Handshake error occurs when a secure connection cannot be established to the URL added for monitoring. Common reasons for it are wrong SSL protocol version, incompatible ciphers, and invalid/missing client-side certificate. ...
How to import certificates for monitoring DB2 Server with SSL authentication?
By default, if you want to use self-signed certificates for SSL connection then the certificate generated by the DB2 server will be db2server.arm. But our AppManager doesn't support arm files. So it has to be renamed as the db2server.cer and then ...
Troubleshooting URL Monitor
Here are few of the common errors you may come across in URL monitor, we have mentioned the steps you can follow to troubleshoot them. General troubleshooting for URL monitor Ensure that the URL is accessible from the server in which Applications ...