[Bug 272219] ftp/pure-ftpd add support for certd

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 26 Jun 2023 09:35:16 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=272219

            Bug ID: 272219
           Summary: ftp/pure-ftpd add support for certd
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: sunpoet@FreeBSD.org
          Reporter: matt@mgc.me.uk
          Assignee: sunpoet@FreeBSD.org
             Flags: maintainer-feedback?(sunpoet@FreeBSD.org)

Created attachment 243005
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=243005&action=edit
rc script diff

pure-certd is included with ftp/pure-ftpd and allows selecting a certificate
based on the TLS SNI name provided during connection. As with authd, ideally
the default rc script should allow starting the certd program.

This provides the ability to use ftp.{customer-domain} with the relevant
certificate as long as a script is created to output the correct cert/key
paths.

A sample script has been provided in this bug report although this is down to
the ftp server administrator to create.

Support is activated with the following rc.conf settings -

pureftpd_certd_enable="yes"
pureftpd_certdscript="/path/to/custom/certd.sh"

-- 
You are receiving this mail because:
You are the assignee for the bug.