|
| 
Help, configuration
and tips.
| | Certificates
 If
you want to enable any of the SSL options then you will need to provide an SSL
certificate. This dialog will allow you to view, create, import and delete your
SSL certificates. Create
- This will allow you to create your own self signed certificate. Read the next
section for more information. Import
- If you already have a certificate / private key pair that you wish to use
with Ability FTP Server, the Import facility allows you to load these in for use
with SSL. View
- This will use your default certificate viewer and open the selected certificate. Delete
- This will permanently remove certificates from the FTP server. Set
As Default - Although you can load multiple certificates into Ability FTP
Server, you can only use one certificate at any one time for SSL and TLS. This
option allows you to select which certificate should be used.
Creating New Certificates
 Ability
FTP Server gives you the power to create your own self signed
certificates. Self signed simply means that the certificate
is issued by you for your own use. However, because the certificates
created by this facility are not signed by a trusted authority
(eg. Verisign). Clients connecting to your FTP server using
SSL will usually prompt the user to ask whether they want to
trust your certificate or not. Most FTP clients usually give
an option to add your certificate to their trusted list. Once
added, your certificate will then be deemed trust worthy by
the client and the user will not be prompted again.
-
Certificate
Name - This is the name that will identify the newly created
certificate.
-
Expiry
Date - This lets you control the time span for which this
certificate can be used.
-
Common
Name - This represents the 'issued to' identifier for
the certificate. Because the certificate will be self signed,
this will also be the 'issued by' identifier.
-
Department
- This is the department that the certificate is intended
for within an organisation.
-
Organisation
- This is the name of the organisation that the certificate
is intended for.
-
Email
Address - This is the email address that any queries or
other contact related to the certificate should be directed
to.
-
City
/ Town - This is the city or town where the organisation
using the certificate is based.
-
State
/ Province - This is the state or province where the organisation
using the certificate is based.
-
Country
- This is the country where the organisation using the
certificate is based.
-
Private
Key Length - This is the size of the private key that
will be used with the certificate. A 1024 bit key will provide
stronger security.
Certificate
Signing Requests (CSR)
When you create a new certificate using Ability FTP Server, three files related to that certificate are generated in the 'certs' folder (usually C:\Program Files\Code-Crafters\Ability FTP Server\certs). These include a private key (.key) file, a certificate signing request (.csr) and a self signed certificate (.crt). Normally, you use the self signed certificate and corresponding private key for SSL communication. However, if you want to have your certificates signed by a trusted certificate authority, such as VeriSign, you will need to send them the certificate signing request (.csr) file. They can then sign this and send you back a new certificate (.crt or .cer) file. To use this new certificate you must import this back into Ability FTP Server using the original private key (.key) and newly signed certificate (.crt or .cer). For more details on importing certificates, please read the next section.
Import
Existing Certificates
 If
you already have a certificate / private key pair that you wish
to use with Ability FTP Server, the Import facility allows you
to load these in for use with SSL.
Private
Key - You can either enter the key file to be used or use the browse button to search for its location. The private key will normally be a file type key. However, Ability FTP Server is very versatile and can load in other file types as long as they contain a valid RSA Base64 encoded private key. It is not uncommon to have a combined file of format .pem which can contain both private key and certificate data. Ability FTP Server will extract the relevant parts and save them as separate files in its 'certs' folder. The private key and certificate are also checked to make sure they match each other. If the key and certificate filenames are different, the key will be renamed to match the certificate for simplicity.
Certificate
- You can either enter the certificate file to be used or use the browse button
to search for its location. The certificate will normally be of file type .crt
or .cer. However, Ability FTP Server is very versatile and can load in other file
types as long as they contain a valid certificate. It is not uncommon to have
a combined file of format .pem which can contain both private key and certificate
data. Ability FTP Server will extract the relevant parts and save them as separate
files in its 'certs' folder. The key and certificate are also checked to make
sure they match each other. If the key and certificate filenames are different,
the key will be renamed to match the certificate for simplicity. Certificate
Name (optional) - This gives you the option of renaming both the key and certificate files with a new name. This is useful if the previous filenames were ambiguous or not descriptive for the intended use.
View Your Certificates
 You
can view your certificates from the main certificates dialog by either double
clicking a certificate from the list or by selecting one and pressing 'View'.
This will open the certificate using your default certificate viewer. You will
notice that newly created certificates are marked as 'not trusted'. This is because
they are not signed by a trusted authority and also are not installed in your
systems trusted certificate list. You can usually install your certificates by
clicking 'Install Certificates...'. This will then add the certificate to your
trusted list and from then on be trusted within your system.
|
|
|
|
