I suggest you ...

Use Lets Encrypt to secure FTPs connections

Hi,

I usually use the ftp.site.com subdomain for the client FTP connections.
And to secure those connections I enabled FTPs. But at this point the users receive a certificate host name mismatch because the FTPs connection is being setup using the VPS Lets Encrypt cert.

It would be nice to use the Lets Encrypt certificate service also to secure the FTPs connections.

Thanks!

64 votes
Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)

We’ll send you updates on this idea

Stephan shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

9 comments

Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)
Submitting...
  • AdminPlesk Staff (Community Manager, Plesk International GmbH) commented  ·   ·  Flag as inappropriate

    The current state on SNI in FTP software is close to "isn't working". In some cases, using a particular pair (client and server) of software, some scenarios may work. But once you do a side step, you face troubles.

    So, ladies and gentlemen, could you specify what FTP client you're using? It could help.

    -- rk

  • sysadmin commented  ·   ·  Flag as inappropriate

    Hello,

    I'd like to add my request for priority on this, especially since it is a known issue which, per support ticket response, is close to being worked on:

    >> The feature of having per-domain SSL certificates
    >> for FTP by Let's Encrypt is already known for our development

    This would be a big help. Currently we have to manually renew the certificates covering the FTP service, setting reminders for staff to check every server periodically. (In other words, it is possible, but is currently a manual process, when everything else about Let's Encrypt in Plesk is slick and automated). Thank you.

  • rdk commented  ·   ·  Flag as inappropriate

    Current solution is totally unusable. Everytime you connect to secured ftp of domain.com you get a warning that certificate common name does not match the domain you are connecting to. How it is supposed to work?

    This feature must have been implemented years ago.

  • DaveMurray commented  ·   ·  Flag as inappropriate

    Currently only web admin url, webmail and web server supported by the extension. We must complete support including mail server certs, ftp certs, or any service provided by plesk serving anything...

Feedback and Knowledge Base