Ask the Expert

How FTPS differs from TLS

Does VeriSign have a solution for FTPS (FTP over SSL)? Is there an existing implementation on this? If so, how does it work?

    Requires Free Membership to View

FTPS is an enhancement to FTP that uses the standard FTP protocol and commands over secure sockets, adding SSL (Secure Socket Layer) security to both the protocol and data channels. FTPS is also known as FTP-SSL and FTP-over-SSL. SSL is a protocol that encrypts and decrypts data across a secure connection from a client to a server with SSL capabilities. The server sends the client a certificate and a public key for encryption. If the client trusts the server's certificate, the SSL connection can be established. All data that passes from one side to the other will be encrypted, and only the client and the server can decrypt the data. The SSL protocol is the same protocol used in FTPS. You may also see SSL used in conjunction with TSL. SSL has merged with other protocols and authentication methods to form a new protocol known as Transport Layer Security (TLS).

Although a server requires you to present a digital certificate before you use FTPS, you don't have to use a certificate issued by VeriSign. You can use a digital certificate issued by any of the well-known certificate authorities, or, one you have issued yourself, using Microsoft Certificate Server for example. You can have a trusted certificate authority, such as Verisign or Thawte, sign the certificates you create. There are plenty of FTP programs that can handle FTPS. One is GlobalSCAPE's Secure FTP Server, which includes a full digital certificate management system for creating, signing and importing digital certificates to a trusted list. It also supports client authentication to verify users' identities by forcing users to present a certificate. The server compares the client certificate to a list contained in its trusted certificates database, and then either accepts or rejects the connection based upon a match.

This was first published in December 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: