Client Documentation

Start Page 3. Configuration instructions 3.5. FTP and FTPS specific configuration

3.5. FTP and FTPS specific configuration

The following section describes options available only for FTP and FTPS transfers.

3.5.1. Generic FTP

3.5.1.1. ftpsmode

Optional:

Yes

Default value:

‘explicit’

Values:
  • ‘implicit’
  • ‘explicit’
From version:

1.5.1

To version:

None

Description:

The type of FTPS protocol used for this transfer.

Valid only for FTPS.

3.5.1.2. ftpactiveip

Optional:

Yes

Default value:

None

Values:
  • IP address used for active FTP connections.
From version:

1.5.1

To version:

None

Description:

Only for FTP and FTPS. Connect using PORT (active mode) instead of PASSV (passive mode). Value is the IP of the client machine.

E.g. ftpactiveip = ‘192.168.1.123’

3.5.1.3. ascii

Optional:

Yes

Default value:

‘n’

Values:
  • ‘n’
  • ‘y’
From version:

1.5.1

To version:

None

Description:

Transfer files using FTP text mode.

3.5.1.4. preservefilemodtime

Optional:

Yes

Default value:

‘n’

Values:
  • ‘n’
  • ‘y’
From version:

1.5.1

To version:

None

Description:

Preserve file modification time from server. Only works for files downloaded using FTP/FTPS.

3.5.2. FTPS only

3.5.2.1. clientcert

Optional:

Yes

Default value:

None

Values:
  • Path to client SSL certificate + certificate key.
From version:

1.5.1

To version:

None

Description:

Path to client SSL certificate + certificate key.

DER and PEM formats are accepted.

PEM format is recommended.

3.5.2.2. clientcerpass

Optional:

Yes

Default value:

None

Values:
  • Password for the certificate as text.
From version:

1.5.1

To version:

None

Description:

In case the certificate is encrypted using a password, this specifies the password used for decrypting the certificate’s key file.

3.5.2.3. cacert

Optional:

Yes

Default value:

None

Values:
  • Path to CA file.
From version:

1.5.1

To version:

None

Description:

Use the specified certificate file to verify the peer. The file may contain multiple CA certificates.

The certificate(s) must be in PEM format.

3.5.2.4. ciphers

Optional:

Yes

Default value:

‘ALL:!aNULL:!eNULL’

Values:
  • Ciphers list in OpenSSL format.
From version:

1.5.1

To version:

None

Description:

The list of enabled ciphers to be used in SSL based protocols. For ciphers list format see: http://www.openssl.org/docs/apps/ciphers.html

3.5.2.5. useinsecuresslv3

Optional:

Yes

Default value:

‘n’

Values:
  • ‘y’
  • ‘n’
From version:

1.5.50

To version:

None

Description:

When this is enabled, SSLv3 method is used to connect to remote servers.

SSLv3 is disabled by default due to POODLE vulnerability.

In case you need to interact with old SSL implementation supporting only SSLv3 it is highly recommended to force the usage of the non-CBC cipher RC4-SHA by configuring ciphers = 'RC4-SHA'.

3.5.2.6. ftpsccc

Optional:

Yes

Default value:

‘n’

Values:
  • ‘y’
  • ‘n’
From version:

1.5.29

To version:

None

Description:

Sends the FTPS CCC command after a succesful authentication.

This will disable encryption on the command channel.

When this option is enable, firewall will be able to detect new data channel connections.

Valid only for FTPS.

3.5.2.7. ftpscccmode

Optional:

Yes

Default value:

‘passive’

Values:
  • ‘passive’
  • ‘active’
From version:

1.5.29

To version:

None

Description:

Only for FTPS. Configures how FTPS CCC connections are terminated. For ‘passive’ the client will wait for the server to initiate the closing procedures. On ‘active’ the client will initiate the closing procedures.