Set up SSL client certificate authentication with AD in TurboFTP FTPS/HTTPS Server

Overview

One of the approaches to strengthen the security of HTTPS/FTPS(secure FTP) server's logon process is to use SSL client certificate authentication. This step-by-step guide will show you how to configure Active Directory, TurboFTP Server, and Client to use certificates.

Export RootCA certificate from CA console

  1. Open Active Directory Certification Authority console.

  2. Right-click on the CA and choose Properties.

  3. On the General tab, click View Certificate.

  4. Click on Copy to File button.

  5. Leave the default file format and click Next.

  6. Click Browse and provide a path where to store the CA certificate.

  7. Click Next, and confirm your export operation. Once the certificate is exported, you will see an affirmative message.

Import RootCA certificate to TurboFTP Server

  1. In the TurboFTP Server management console, click on Local Server.

  2. Switch to the SSL Certs tab and click Import.

  3. Provide a name and path to the certificate and click OK.

Create TurboFTP SSL Server certificate

  1. Click on the New button to create an SSL certificate (on the server).

  2. Provide certificate name and passphrase (other options can be left with default values).

  3. Provide Certificate Subject Information.

  4. Click Next to generate a certificate.

Configure TurboFTP Server to accept secure SSL connections

  • Click on FTP Server, go to Connection tab, Enable Allow Explicit SSL for FTP or Allow Explicit TLS for FTP check boxes and select appropriate certificates.

Configure TurboFTP Server to accept secure SSL connections

To automatically enroll clients for certificates in a Windows domain environment, use Group Policy certificates auto-enrollment by following the official guide from Microsoft.

Please note this is only an example of setting up SSL client certificate authentication for users in TurboFTP Server. This authentication function is not limited to Active Directory users or bound to Windows Certification Authority. You can use a third-party CA certificate and create/distribute client certificates signed by the CA to users, who can be from any authentication source that TurboFTP Server supports.
We use cookies to maintain login sessions, analytics and to improve your experience on our website. By continuing to use our site, you accept our use of cookies, and Privacy Policy.
Ok