pure-FTPD follow-up (2)

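  • While I was at it, I added the TLS setting for the authentication part and tried compiling it.
  • That it covers only the authentication part is the key point (?)
  • The log follows.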

$ ./configure --with-everything --with-paranoidmsg \
--without-capabilities --with-virtualchroot --without-pam \
--without-banner --with-tls \
--prefix=/usr/local/pure-ftpd.1.0.20.TLS

$ make
$ su
Password:

# make install
# openssl req -x509 -nodes -newkey rsa:1024 -keyout \
> /etc/ssl/private/pure-ftpd.pem \
> -out /etc/ssl/private/pure-ftpd.pem
Generating a 1024 bit RSA private key
............++++++
...........................................++++++
writing new private key to '/etc/ssl/private/pure-ftpd.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:JP
State or Province Name (full name) [Some-State]:.
Locality Name (eg, city) []:.
Organization Name (eg, company) [Internet Widgits Pty Ltd]:.
Organizational Unit Name (eg, section) []:.
Common Name (eg, YOUR name) []:TEST
Email Address []:.
# chmod 600 /etc/ssl/private/*.pem
# cat /etc/ssl/private/pure-ftpd.pem
-----BEGIN RSA PRIVATE KEY-----
MIICXAIBAAKBgQC5E/rOmCN7AyDq+5Lt7RztL9PiysNs0egtS32qUuiUTe1SQOjR
・・・
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
MIICLDCCAZWgAwIBAgIBADANBgkqhkiG9w0BAQQFADAfMQswCQYDVQQGEwJKUDEQ
・・・
-----END CERTIFICATE-----

# cd /usr/local/pure-ftpd.1.0.20.TLS/sbin/
# ./pure-ftpd --tls=1 -S 0.0.0.0,1021

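  • And with that, it finished quickly without any problems.
  • I don't normally use an FTP client that does TLS AUTH, so I checked the connection with the "FlashFXP v3.0 trial version".
  • At the TLS AUTH step, the certificate I set up during installation was displayed, which shows that it is running properly.
  • It was also quietly being written to syslog.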

SSL/TLS: Enabled TLSv1/SSLv3 with DES-CBC3-SHA, 168 secret bits cipher
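
As an added example (not part of the original post and not pure-ftpd's own code), the following Python script parses syslog lines in the format shown above and flags sessions that negotiated a legacy protocol or a weak cipher, such as the DES-CBC3-SHA session logged here. The policy sets, the syslog prefixes and every sample line other than the first message text are assumptions constructed for illustration.

```python
import re

# Line format shown on the page:
#   SSL/TLS: Enabled <protocol> with <cipher>, <bits> secret bits cipher
TLS_LINE = re.compile(r"SSL/TLS: Enabled (\S+) with (\S+), (\d+) secret bits cipher")

# Policy assumed for this example; adjust to local standards.
LEGACY_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
WEAK_CIPHER_PARTS = {"DES", "CBC3", "3DES", "RC4", "RC2", "NULL", "EXP", "MD5", "ADH"}
MIN_BITS = 128


def audit_line(line):
    """Return None for non-TLS lines, else the parsed fields plus findings."""
    m = TLS_LINE.search(line)
    if m is None:
        return None
    proto, cipher, bits = m.group(1), m.group(2), int(m.group(3))
    findings = []
    # The protocol field can be a combined label such as "TLSv1/SSLv3".
    legacy = sorted(set(proto.split("/")) & LEGACY_PROTOCOLS)
    if legacy:
        findings.append("legacy protocol: " + ",".join(legacy))
    # OpenSSL cipher names are hyphen-separated components.
    weak = sorted(set(cipher.split("-")) & WEAK_CIPHER_PARTS)
    if weak:
        findings.append("weak cipher component: " + ",".join(weak))
    if bits < MIN_BITS:
        findings.append(f"secret bits {bits} < {MIN_BITS}")
    return {"protocol": proto, "cipher": cipher, "bits": bits, "findings": findings}


def audit_log(lines):
    """Return (line_number, result) pairs for TLS lines with at least one finding."""
    results = ((n, audit_line(line)) for n, line in enumerate(lines, 1))
    return [(n, r) for n, r in results if r and r["findings"]]

# Constructed sample: only the first message text is from the page; the syslog
# prefixes, addresses and the other lines are made up for this example.
SAMPLE = [
    "Jan  1 10:00:00 host pure-ftpd: (?@192.0.2.10) [INFO] SSL/TLS: Enabled TLSv1/SSLv3 with DES-CBC3-SHA, 168 secret bits cipher",
    "Jan  1 10:05:00 host pure-ftpd: (?@192.0.2.11) [INFO] SSL/TLS: Enabled TLSv1.2 with ECDHE-RSA-AES256-GCM-SHA384, 256 secret bits cipher",
    "Jan  1 10:06:00 host pure-ftpd: (?@192.0.2.12) [INFO] SSL/TLS: Enabled TLSv1/SSLv3 with EXP-RC4-MD5, 40 secret bits cipher",
    "Jan  1 10:07:00 host pure-ftpd: (?@192.0.2.13) [INFO] New connection from 192.0.2.13",
]

if __name__ == "__main__":
    for n, r in audit_log(SAMPLE):
        print(f"line {n}: {r['cipher']}: " + "; ".join(r["findings"]))
```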