We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Whilst the normal FTP connection works, the FTP with TLS and Let's encrypt certificates is not working.
Any help would be appreciated. Many thanks
Client connection
Server settings
Allow connections via FTPs
SFTPGo 2.6.2 636a1c2
sqlite
Community Docker image
sftpgo.json config { "common": { "idle_timeout": 15, "upload_mode": 0, "actions": { "execute_on": [], "execute_sync": [], "hook": "" }, "setstat_mode": 0, "rename_mode": 0, "resume_max_size": 0, "temp_path": "", "proxy_protocol": 0, "proxy_allowed": [], "proxy_skipped": [], "startup_hook": "", "post_connect_hook": "", "post_disconnect_hook": "", "data_retention_hook": "", "max_total_connections": 0, "max_per_host_connections": 20, "allowlist_status": 0, "allow_self_connections": 0, "umask": "", "server_version": "", "metadata": { "read": 0 }, "defender": { "enabled": false, "driver": "memory", "ban_time": 30, "ban_time_increment": 50, "threshold": 15, "score_invalid": 2, "score_valid": 1, "score_limit_exceeded": 3, "score_no_auth": 0, "observation_time": 30, "entries_soft_limit": 100, "entries_hard_limit": 150, "login_delay": { "success": 0, "password_failed": 1000 } }, "rate_limiters": [ { "average": 0, "period": 1000, "burst": 1, "type": 2, "protocols": [ "SSH", "FTP", "DAV", "HTTP" ], "generate_defender_events": false, "entries_soft_limit": 100, "entries_hard_limit": 150 } ] }, "acme": { "domains": [], "email": "", "key_type": "4096", "certs_path": "certs", "ca_endpoint": "https://acme-v02.api.letsencrypt.org/directory", "renew_days": 30, "http01_challenge": { "port": 80, "proxy_header": "", "webroot": "" }, "tls_alpn01_challenge": { "port": 0 } }, "sftpd": { "bindings": [ { "port": 2022, "address": "", "apply_proxy_config": true } ], "max_auth_tries": 0, "host_keys": [], "host_certificates": [], "host_key_algorithms": [], "kex_algorithms": [], "min_dh_group_exchange_key_size": 2048, "ciphers": [], "macs": [], "public_key_algorithms": [], "trusted_user_ca_keys": [], "revoked_user_certs_file": "", "login_banner_file": "", "enabled_ssh_commands": [ "md5sum", "sha1sum", "sha256sum", "cd", "pwd", "scp" ], "keyboard_interactive_authentication": true, "keyboard_interactive_auth_hook": "", "password_authentication": true, "folder_prefix": "" }, "ftpd": { "bindings": [ { "port": "2121", "address": "", "apply_proxy_config": true, "tls_mode": "1", "tls_session_reuse": 0, "certificate_file": "/etc/sftpgo/certs/ftp.domain.com.crt", "certificate_key_file": "/etc/sftpgo/certs/ftp.domain.com.key", "min_tls_version": 12, "force_passive_ip": "", "passive_ip_overrides": [], "passive_host": "", "client_auth_type": 0, "tls_cipher_suites": [], "passive_connections_security": 0, "active_connections_security": 0, "ignore_ascii_transfer_type": 0, "debug": true } ], "banner_file": "", "active_transfers_port_non_20": true, "passive_port_range": { "start": 50000, "end": 50100 }, "disable_active_mode": true, "enable_site": false, "hash_support": 0, "combine_support": 0, "certificate_file": "", "certificate_key_file": "", "ca_certificates": [], "ca_revocation_lists": [] }, "webdavd": { "bindings": [ { "port": 0, "address": "", "enable_https": false, "certificate_file": "", "certificate_key_file": "", "min_tls_version": 12, "client_auth_type": 0, "tls_cipher_suites": [], "tls_protocols": [], "prefix": "", "proxy_allowed": [], "client_ip_proxy_header": "", "client_ip_header_depth": 0, "disable_www_auth_header": false } ], "certificate_file": "/etc/sftpgo/certs/ftp.domain.com.crt", "certificate_key_file": "/etc/sftpgo/certs/ftp.domain.com.key", "ca_certificates": [], "ca_revocation_lists": [], "cors": { "enabled": false, "allowed_origins": [], "allowed_methods": [], "allowed_headers": [], "exposed_headers": [], "allow_credentials": false, "max_age": 0, "options_passthrough": false, "options_success_status": 0, "allow_private_network": false }, "cache": { "users": { "expiration_time": 0, "max_size": 50 }, "mime_types": { "enabled": true, "max_size": 1000, "custom_mappings": [] } } }, "data_provider": { "driver": "sqlite", "name": "sftpgo.db", "host": "", "port": 0, "username": "", "password": "", "sslmode": 0, "disable_sni": false, "target_session_attrs": "", "root_cert": "", "client_cert": "", "client_key": "", "connection_string": "", "sql_tables_prefix": "", "track_quota": 2, "delayed_quota_update": 0, "pool_size": 0, "users_base_dir": "/srv/sftpgo/data", "actions": { "execute_on": [], "execute_for": [], "hook": "" }, "external_auth_hook": "", "external_auth_scope": 0, "pre_login_hook": "", "post_login_hook": "", "post_login_scope": 0, "check_password_hook": "", "check_password_scope": 0, "password_hashing": { "bcrypt_options": { "cost": 10 }, "argon2_options": { "memory": 65536, "iterations": 1, "parallelism": 2 }, "algo": "bcrypt" }, "password_validation": { "admins": { "min_entropy": 0 }, "users": { "min_entropy": 0 } }, "password_caching": true, "update_mode": 0, "create_default_admin": false, "naming_rules": 5, "is_shared": 0, "node": { "host": "", "port": 0, "proto": "http" }, "backups_path": "/srv/sftpgo/backups" }, "httpd": { "bindings": [ { "port": 8080, "address": "", "enable_web_admin": true, "enable_web_client": true, "enable_rest_api": true, "enabled_login_methods": 0, "enable_https": false, "certificate_file": "", "certificate_key_file": "", "min_tls_version": 12, "client_auth_type": 0, "tls_cipher_suites": [], "tls_protocols": [], "proxy_allowed": [], "client_ip_proxy_header": "", "client_ip_header_depth": 0, "hide_login_url": 0, "render_openapi": true, "oidc": { "client_id": "", "client_secret": "", "client_secret_file": "", "config_url": "", "redirect_base_url": "", "scopes": [ "openid", "profile", "email" ], "username_field": "", "role_field": "", "implicit_roles": false, "custom_fields": [], "insecure_skip_signature_check": false, "debug": false }, "security": { "enabled": false, "allowed_hosts": [], "allowed_hosts_are_regex": false, "hosts_proxy_headers": [], "https_redirect": false, "https_host": "", "https_proxy_headers": [], "sts_seconds": 0, "sts_include_subdomains": false, "sts_preload": false, "content_type_nosniff": false, "content_security_policy": "", "permissions_policy": "", "cross_origin_opener_policy": "" }, "branding": { "web_admin": { "name": "", "short_name": "", "favicon_path": "", "logo_path": "", "disclaimer_name": "", "disclaimer_path": "", "default_css": [], "extra_css": [] }, "web_client": { "name": "", "short_name": "", "favicon_path": "", "logo_path": "", "disclaimer_name": "", "disclaimer_path": "", "default_css": [], "extra_css": [] } } } ], "templates_path": "templates", "static_files_path": "static", "openapi_path": "openapi", "web_root": "", "certificate_file": "", "certificate_key_file": "", "ca_certificates": [], "ca_revocation_lists": [], "signing_passphrase": "", "signing_passphrase_file": "", "token_validation": 0, "max_upload_file_size": 0, "cors": { "enabled": false, "allowed_origins": [], "allowed_methods": [], "allowed_headers": [], "exposed_headers": [], "allow_credentials": false, "max_age": 0, "options_passthrough": false, "options_success_status": 0, "allow_private_network": false }, "setup": { "installation_code": "", "installation_code_hint": "Installation code" }, "hide_support_link": false }, "telemetry": { "bind_port": 0, "bind_address": "127.0.0.1", "enable_profiler": false, "auth_user_file": "", "certificate_file": "", "certificate_key_file": "", "min_tls_version": 12, "tls_cipher_suites": [], "tls_protocols": [] }, "http": { "timeout": 20, "retry_wait_min": 2, "retry_wait_max": 30, "retry_max": 3, "ca_certificates": [], "certificates": [], "skip_tls_verify": false, "headers": [] }, "command": { "timeout": 30, "env": [], "commands": [] }, "kms": { "secrets": { "url": "", "master_key": "", "master_key_path": "" } }, "mfa": { "totp": [ { "name": "Default", "issuer": "SFTPGo", "algo": "sha1" } ] }, "smtp": { "host": "", "port": 587, "from": "", "user": "", "password": "", "auth_type": 0, "encryption": 0, "domain": "", "templates_path": "templates", "debug": 0, "oauth2": { "provider": 0, "tenant": "", "client_id": "", "client_secret": "", "refresh_token": "" } }, "plugins": [] }
Error log - IPs ommited 2024-10-17T15:29:53.621 DBG Client connected | sender=ftpserverlib server_id=FTP_0 clientId=1 clientIp=1x.yy.yy.6:63261 2024-10-17T15:29:53.623 DBG connection added, local address "1xx.1x.0.2:2121", remote address "1x.yy.yy.6:63261", num open connections: 1 | sender=FTP connection_id=FTP_0_1 2024-10-17T15:29:53.652 ERR Read error | sender=ftpserverlib server_id=FTP_0 clientId=1 err=tls: client offered only unsupported versions: [302 301] 2024-10-17T15:29:53.652 DBG connection removed, local address "1xx.1x.0.2:2121", remote address "1x.yy.yy.6:63261" close fs error: <nil>, num open connections: 0 | sender=FTP connection_id=FTP_0_1 2024-10-17T15:29:53.652 DBG | sender=connection_failed client_ip=1x.yy.yy.6 username= login_type=no_auth_tried protocol=FTP error=no auth tried 2024-10-17T15:29:53.652 DBG Client disconnected | sender=ftpserverlib server_id=FTP_0 clientId=1 clientIp=1x.yy.yy.6:63261
Private user, home usecase (home backup/VPS)
No response
The text was updated successfully, but these errors were encountered:
@drakkan FYA please, TIA!
Sorry, something went wrong.
No branches or pull requests
Bug description
Whilst the normal FTP connection works, the FTP with TLS and Let's encrypt certificates is not working.
Any help would be appreciated. Many thanks
Steps to reproduce
Client connection
Server settings
Expected behavior
Allow connections via FTPs
SFTPGo version
SFTPGo 2.6.2 636a1c2
Data provider
sqlite
Installation method
Community Docker image
Configuration
sftpgo.json config
{
"common": {
"idle_timeout": 15,
"upload_mode": 0,
"actions": {
"execute_on": [],
"execute_sync": [],
"hook": ""
},
"setstat_mode": 0,
"rename_mode": 0,
"resume_max_size": 0,
"temp_path": "",
"proxy_protocol": 0,
"proxy_allowed": [],
"proxy_skipped": [],
"startup_hook": "",
"post_connect_hook": "",
"post_disconnect_hook": "",
"data_retention_hook": "",
"max_total_connections": 0,
"max_per_host_connections": 20,
"allowlist_status": 0,
"allow_self_connections": 0,
"umask": "",
"server_version": "",
"metadata": {
"read": 0
},
"defender": {
"enabled": false,
"driver": "memory",
"ban_time": 30,
"ban_time_increment": 50,
"threshold": 15,
"score_invalid": 2,
"score_valid": 1,
"score_limit_exceeded": 3,
"score_no_auth": 0,
"observation_time": 30,
"entries_soft_limit": 100,
"entries_hard_limit": 150,
"login_delay": {
"success": 0,
"password_failed": 1000
}
},
"rate_limiters": [
{
"average": 0,
"period": 1000,
"burst": 1,
"type": 2,
"protocols": [
"SSH",
"FTP",
"DAV",
"HTTP"
],
"generate_defender_events": false,
"entries_soft_limit": 100,
"entries_hard_limit": 150
}
]
},
"acme": {
"domains": [],
"email": "",
"key_type": "4096",
"certs_path": "certs",
"ca_endpoint": "https://acme-v02.api.letsencrypt.org/directory",
"renew_days": 30,
"http01_challenge": {
"port": 80,
"proxy_header": "",
"webroot": ""
},
"tls_alpn01_challenge": {
"port": 0
}
},
"sftpd": {
"bindings": [
{
"port": 2022,
"address": "",
"apply_proxy_config": true
}
],
"max_auth_tries": 0,
"host_keys": [],
"host_certificates": [],
"host_key_algorithms": [],
"kex_algorithms": [],
"min_dh_group_exchange_key_size": 2048,
"ciphers": [],
"macs": [],
"public_key_algorithms": [],
"trusted_user_ca_keys": [],
"revoked_user_certs_file": "",
"login_banner_file": "",
"enabled_ssh_commands": [
"md5sum",
"sha1sum",
"sha256sum",
"cd",
"pwd",
"scp"
],
"keyboard_interactive_authentication": true,
"keyboard_interactive_auth_hook": "",
"password_authentication": true,
"folder_prefix": ""
},
"ftpd": {
"bindings": [
{
"port": "2121",
"address": "",
"apply_proxy_config": true,
"tls_mode": "1",
"tls_session_reuse": 0,
"certificate_file": "/etc/sftpgo/certs/ftp.domain.com.crt",
"certificate_key_file": "/etc/sftpgo/certs/ftp.domain.com.key",
"min_tls_version": 12,
"force_passive_ip": "",
"passive_ip_overrides": [],
"passive_host": "",
"client_auth_type": 0,
"tls_cipher_suites": [],
"passive_connections_security": 0,
"active_connections_security": 0,
"ignore_ascii_transfer_type": 0,
"debug": true
}
],
"banner_file": "",
"active_transfers_port_non_20": true,
"passive_port_range": {
"start": 50000,
"end": 50100
},
"disable_active_mode": true,
"enable_site": false,
"hash_support": 0,
"combine_support": 0,
"certificate_file": "",
"certificate_key_file": "",
"ca_certificates": [],
"ca_revocation_lists": []
},
"webdavd": {
"bindings": [
{
"port": 0,
"address": "",
"enable_https": false,
"certificate_file": "",
"certificate_key_file": "",
"min_tls_version": 12,
"client_auth_type": 0,
"tls_cipher_suites": [],
"tls_protocols": [],
"prefix": "",
"proxy_allowed": [],
"client_ip_proxy_header": "",
"client_ip_header_depth": 0,
"disable_www_auth_header": false
}
],
"certificate_file": "/etc/sftpgo/certs/ftp.domain.com.crt",
"certificate_key_file": "/etc/sftpgo/certs/ftp.domain.com.key",
"ca_certificates": [],
"ca_revocation_lists": [],
"cors": {
"enabled": false,
"allowed_origins": [],
"allowed_methods": [],
"allowed_headers": [],
"exposed_headers": [],
"allow_credentials": false,
"max_age": 0,
"options_passthrough": false,
"options_success_status": 0,
"allow_private_network": false
},
"cache": {
"users": {
"expiration_time": 0,
"max_size": 50
},
"mime_types": {
"enabled": true,
"max_size": 1000,
"custom_mappings": []
}
}
},
"data_provider": {
"driver": "sqlite",
"name": "sftpgo.db",
"host": "",
"port": 0,
"username": "",
"password": "",
"sslmode": 0,
"disable_sni": false,
"target_session_attrs": "",
"root_cert": "",
"client_cert": "",
"client_key": "",
"connection_string": "",
"sql_tables_prefix": "",
"track_quota": 2,
"delayed_quota_update": 0,
"pool_size": 0,
"users_base_dir": "/srv/sftpgo/data",
"actions": {
"execute_on": [],
"execute_for": [],
"hook": ""
},
"external_auth_hook": "",
"external_auth_scope": 0,
"pre_login_hook": "",
"post_login_hook": "",
"post_login_scope": 0,
"check_password_hook": "",
"check_password_scope": 0,
"password_hashing": {
"bcrypt_options": {
"cost": 10
},
"argon2_options": {
"memory": 65536,
"iterations": 1,
"parallelism": 2
},
"algo": "bcrypt"
},
"password_validation": {
"admins": {
"min_entropy": 0
},
"users": {
"min_entropy": 0
}
},
"password_caching": true,
"update_mode": 0,
"create_default_admin": false,
"naming_rules": 5,
"is_shared": 0,
"node": {
"host": "",
"port": 0,
"proto": "http"
},
"backups_path": "/srv/sftpgo/backups"
},
"httpd": {
"bindings": [
{
"port": 8080,
"address": "",
"enable_web_admin": true,
"enable_web_client": true,
"enable_rest_api": true,
"enabled_login_methods": 0,
"enable_https": false,
"certificate_file": "",
"certificate_key_file": "",
"min_tls_version": 12,
"client_auth_type": 0,
"tls_cipher_suites": [],
"tls_protocols": [],
"proxy_allowed": [],
"client_ip_proxy_header": "",
"client_ip_header_depth": 0,
"hide_login_url": 0,
"render_openapi": true,
"oidc": {
"client_id": "",
"client_secret": "",
"client_secret_file": "",
"config_url": "",
"redirect_base_url": "",
"scopes": [
"openid",
"profile",
"email"
],
"username_field": "",
"role_field": "",
"implicit_roles": false,
"custom_fields": [],
"insecure_skip_signature_check": false,
"debug": false
},
"security": {
"enabled": false,
"allowed_hosts": [],
"allowed_hosts_are_regex": false,
"hosts_proxy_headers": [],
"https_redirect": false,
"https_host": "",
"https_proxy_headers": [],
"sts_seconds": 0,
"sts_include_subdomains": false,
"sts_preload": false,
"content_type_nosniff": false,
"content_security_policy": "",
"permissions_policy": "",
"cross_origin_opener_policy": ""
},
"branding": {
"web_admin": {
"name": "",
"short_name": "",
"favicon_path": "",
"logo_path": "",
"disclaimer_name": "",
"disclaimer_path": "",
"default_css": [],
"extra_css": []
},
"web_client": {
"name": "",
"short_name": "",
"favicon_path": "",
"logo_path": "",
"disclaimer_name": "",
"disclaimer_path": "",
"default_css": [],
"extra_css": []
}
}
}
],
"templates_path": "templates",
"static_files_path": "static",
"openapi_path": "openapi",
"web_root": "",
"certificate_file": "",
"certificate_key_file": "",
"ca_certificates": [],
"ca_revocation_lists": [],
"signing_passphrase": "",
"signing_passphrase_file": "",
"token_validation": 0,
"max_upload_file_size": 0,
"cors": {
"enabled": false,
"allowed_origins": [],
"allowed_methods": [],
"allowed_headers": [],
"exposed_headers": [],
"allow_credentials": false,
"max_age": 0,
"options_passthrough": false,
"options_success_status": 0,
"allow_private_network": false
},
"setup": {
"installation_code": "",
"installation_code_hint": "Installation code"
},
"hide_support_link": false
},
"telemetry": {
"bind_port": 0,
"bind_address": "127.0.0.1",
"enable_profiler": false,
"auth_user_file": "",
"certificate_file": "",
"certificate_key_file": "",
"min_tls_version": 12,
"tls_cipher_suites": [],
"tls_protocols": []
},
"http": {
"timeout": 20,
"retry_wait_min": 2,
"retry_wait_max": 30,
"retry_max": 3,
"ca_certificates": [],
"certificates": [],
"skip_tls_verify": false,
"headers": []
},
"command": {
"timeout": 30,
"env": [],
"commands": []
},
"kms": {
"secrets": {
"url": "",
"master_key": "",
"master_key_path": ""
}
},
"mfa": {
"totp": [
{
"name": "Default",
"issuer": "SFTPGo",
"algo": "sha1"
}
]
},
"smtp": {
"host": "",
"port": 587,
"from": "",
"user": "",
"password": "",
"auth_type": 0,
"encryption": 0,
"domain": "",
"templates_path": "templates",
"debug": 0,
"oauth2": {
"provider": 0,
"tenant": "",
"client_id": "",
"client_secret": "",
"refresh_token": ""
}
},
"plugins": []
}
Relevant log output
What are you using SFTPGo for?
Private user, home usecase (home backup/VPS)
Additional info
No response
The text was updated successfully, but these errors were encountered: