Securing your server with a TLS certificate is fundamental to ensure the protection of data during file transfers.
TLS certificates encrypt the communication between your server and clients and between the server and the server’s Administration interface, ensuring that data remains confidential and integer.
Since the TLS certificate used by the server for administrative connections is generated automatically during installation. However, you can enhance security by installing a custom certificate.
FileZilla Pro Enterprise Server offers several options for managing TLS certificates: it can be installed choosing the appropriate option from the following:
- Provide a certificate: You can upload a certificate you already own, enter it manually, or use a certificate already stored on the server. This option is suitable for advanced users who prefer precise configuration.
- Generate a self-signed certificate. This is a quick and easy way to enable TLS, but it’s important to note that it’s not trusted by default. This means clients may need to manually accept the certificate or add a trusted root CA.
- Generate a certificate using Let’s Encrypt®. Let’s Encrypt is a free, automated, and open Certificate Authority (CA) that provides trusted certificates. By utilizing Let’s Encrypt, you can obtain and install trusted certificates without any cost.
Note: If you receive a warning stating The TLS certificates of the following protocols have expired, it means the certificate has expired and needs to be reissued using one of the available options. To fix this, you can either upload a new certificate, generate a self-signed one, or obtain a free certificate from Let’s Encrypt.
Related Topics: