CSR CREATION AND SSL CERTIFICATE INSTALLATION INSTRUCTIONS FOR FILEZILLA

OPEN SSL CERTIFICATE SIGNING REQUEST (CSR) CREATION FOR FILEZILLA SSL

Before installing your SSL certificate, you first need to create a Certificate Signing Request (CSR). Use these instructions to build your own shell commands to generate your FileZilla CSR. If you already have your SSL certificate and just need to install it, see below SSL Certificate Installation Instructions.

HOW TO GENERATE THE CSR FOR FILEZILLA SERVER?

FileZilla Client is a cross platform FTP, FTPS and SFTP (SSH File Transfer Protocol) client, it supports IPv6 and it is available in many languages. To enable secure communication over FileZilla server, you need to install SSL certificate. Before installing SSL, you need to create the CSR (certificate signing request). In this short information, we will experience about the process of generate the CSR on FileZilla server using OpenSSL.

GENERATE THE PRIVATE KEY

You need to use OpenSSL to generate the CSR and private key.

  • Type the following command at the prompt:

openssl genrsa –des3 –out www.mydomain.com.key 2048

Here, 2048 bit RSA key is used that should be saved as domain.key on the server.

Now, enter a password when asked for pass phrase and remember for future.

 

GENERATE THE CSR

Use SSH terminal to log in to FileZilla server.

Now you have to replace the default server name with your actual server name. Apply following command:

openssl req –new –newkey rsa:2048 –nodes –keyout server.key –out server.csr

  • There will be two files: private key file and CSR file (certificate signing request).

You have to provide common name, or provide the fully qualified domain name (FQDN). (Use asterisk at beginning of your common name (*.domain.com) if you are generating Certificate Signing Request for Wildcard SSL).

You will be asked to give organization information to create OpenSSL.csr file:

  • Common Name: A URL means FQDN that you want to secure
  • Organization: The legal name of your organization
  • Organization Unit: The name of department of your organization
  • City/Location: The city in which organization is located
  • State/Province: The state in which organization is located
  • Country: Country location of your organization
  • After generating CSR file, open text editor; copy the content including BEGIN and END tags. You will be prompt to paste the content into SSL certificate purchase.
  • Finally, save the generated. Key file that will be used in SSL certificate installation.

 

HOW TO GENERATE A CSR FOR FILEZILLA USING OPEN SSL

If you prefer, you can build your own shell commands to generate your FileZilla CSR.

  • Use your terminal (ssh) to login to your FileZilla server.
  • At the prompt, enter the following command, making sure to replace server with the name of your server:

openssl req –new –newkey rsa:2048 –nodes –keyout server.key –out server.csr

 

  • This starts the process for generating two files:
  1. The Private-Key file for the decryption of your SSL Certificate.
  2. A Certificate Signing Request (CSR) file, used to apply for your SSL Certificate.
  • When you are prompted for the Common Name (domain name), enter the fully qualified domain name (FQDN) for the site that you are securing.

Note:  If you are generating a FileZilla CSR for a TRUSTZONE Wildcard certificate, your common name should begin with an asterisk (i.e. *.example.com).

 

  • When you are prompted, enter your organizational information beginning with your geographic information.

Note: You may have default information set already. This creates your OpenSSL .csr file.

 

  • Open the .csr file with a text editor.
  • Copy the content, including the BEGIN and END tags, and paste it into the TRUSTZONE certificate orderform.
  • Save (back up) the generated .key file. You need it later for your SSL certificate installation.
  • After you receive your SSL Certificate from TRUSTZONE, you can install it.

 

HOW TO INSTALL AN SSL CERTIFICATE FOR FILEZILLA

On your FileZilla server, open FileZilla Server Options.

Click Edit > Settings.

  • In the FileZilla Server Options window, in the tree on the left side, select SSL/TLS settings.

  • On the right side, under SSL/TLS settings, check Enable SSL/TLS support.
  • In the Private key file box, enter the location of the key file that you generated when you created the CSR.

For example, C:\Program Files\FileZilla Server\your _domain_name.key

Note:  If you followed TRUSTZONE OpenSSL Certificate Signing Request (CSR) Creation for FileZilla SSL instructions, you do not need to enter a password in the Key password box.

 

  • In the certificate file box, enter the location of the .pem certificate file that contains the server certificate + intermediate certificate.

For example, C:\Program Files\FileZilla Server\your _domain_name.pem

  • When you are finished, click OK.
  • Your SSL Certificate is now installed and ready to use.
  • First Connection

On the first connection using the FileZilla client, you are presented with the certificate files from the server.

To avoid receiving this prompt on future connections, in the Unknown certificate window, check Always trust certificate in future sessions, and then click OK.

 

Last updated: August 11, 2017