Questions

How to setup a secure FTP server on Win 2003 server

+
0 Votes
Locked

How to setup a secure FTP server on Win 2003 server

saidfrh1
Hi,
I am a computer support specialist assigned to build a secure FTP server on a Windows server 2003 platform. The FTP server will have a public IP and sit in the DMZ. I am looking to build Self-signed SSL certificates on the cheap, without requiring a Certficate Authority. Is there a 'how to guide' for the above?
I am greateful for any information on how to configure the secure FTP/an information you can provide.
Thanks.

Said
  • +
    0 Votes

    Hmm

    Kjell_Andorsen

    Technically you could create a Stand-alone CA on the server or on another server on the network and have it assign an SSL cert to the FTP server. Since you just want a self-signed certificate you don't have to pay for anything. Server 2003 lets you create a CA on a server using the Certificate Authority mmc snap-in. No need to purchase additional software.

    +
    0 Votes
    saidfrh1

    Thanks,
    1. How to create a Stand-alone CA on the server? Is their a configuration guide you can oint me to?

    2. Does a CSR need to be created by the same server, and the same server generates a certificate?

    3. Does Win XP Pro have the capability to generate a secure encrypted session with above server?

    4. How to create a database on the server with user/clients user names and password for authentication for accessing the documents residing on the FTP server?

    Excuse my ignorance, I have a networking background/expired CCNA.

    +
    0 Votes
    Kjell_Andorsen

    The instructions for setting up a Stand-alone Root CA can be found here:
    http://technet2.microsoft.com/windowsserver/en/library/7a2c636a-bf86-479a-8729-d9b005514ee61033.mspx?mfr=true


    As for the implementation, you can set this CA to issue a certificate to the FTP server, since this is a self-signed CA, you will need to set all the clients to trust it, by default the browser will prompt them whether or not to accept the certificate since the source is not inherently trusted.

    You will need to assign the certificate you create to the FTP site through the IIS management console. All of this information is available at Microsoft's Technet site.

    +
    0 Votes
    techman1

    RaidenFTPD FTP server can be used for this purpose, it has self signed ssl certificate feature and supports SSL and TLS

    RidenFTPD <a href="http://www.raidenftpd.com/">FTP Server</a>

  • +
    0 Votes

    Hmm

    Kjell_Andorsen

    Technically you could create a Stand-alone CA on the server or on another server on the network and have it assign an SSL cert to the FTP server. Since you just want a self-signed certificate you don't have to pay for anything. Server 2003 lets you create a CA on a server using the Certificate Authority mmc snap-in. No need to purchase additional software.

    +
    0 Votes
    saidfrh1

    Thanks,
    1. How to create a Stand-alone CA on the server? Is their a configuration guide you can oint me to?

    2. Does a CSR need to be created by the same server, and the same server generates a certificate?

    3. Does Win XP Pro have the capability to generate a secure encrypted session with above server?

    4. How to create a database on the server with user/clients user names and password for authentication for accessing the documents residing on the FTP server?

    Excuse my ignorance, I have a networking background/expired CCNA.

    +
    0 Votes
    Kjell_Andorsen

    The instructions for setting up a Stand-alone Root CA can be found here:
    http://technet2.microsoft.com/windowsserver/en/library/7a2c636a-bf86-479a-8729-d9b005514ee61033.mspx?mfr=true


    As for the implementation, you can set this CA to issue a certificate to the FTP server, since this is a self-signed CA, you will need to set all the clients to trust it, by default the browser will prompt them whether or not to accept the certificate since the source is not inherently trusted.

    You will need to assign the certificate you create to the FTP site through the IIS management console. All of this information is available at Microsoft's Technet site.

    +
    0 Votes
    techman1

    RaidenFTPD FTP server can be used for this purpose, it has self signed ssl certificate feature and supports SSL and TLS

    RidenFTPD <a href="http://www.raidenftpd.com/">FTP Server</a>