How to secure your file transfers with FTPS on Windows Server?

FTPS is an extension of the File Transfer Protocol (FTP) that encrypts communications between a client and a server. FTPS uses Secure Sockets Layer (SSL) certificates. This article shows how to set up FTPS on a Windows-based FTP server and how to connect to that server with a compatible FTP client.

What are the advantages of FTPS?

FTPS offers several advantages over traditional FTP:

  • It protects your files against eavesdropping, modification or theft by malicious third parties.
  • It allows you to comply with the security and compliance standards in force in certain sectors of activity or countries.
  • It strengthens trust between you and your partners, customers or suppliers who access your files.

What are the prerequisites for setting up FTPS?

To configure FTPS on an FTP server, you will need the following:

  • A Windows Server 2008 or higher server with the IIS (Internet Information Services) role installed.
  • An FTP site created in IIS.
  • A valid SSL certificate, purchased or obtained from a recognized certificate authority, or generated by yourself (self-signed).

How to create a self-signed SSL certificate?

If you don't have a valid SSL certificate, you can create one yourself using IIS. Be aware that this type of certificate is not trusted by clients and should only be used for testing purposes. Here are the steps to follow:

  • Open Internet Information Services (IIS) Manager.
  • Select the server in the left tree, then double-click on Server Certificates to open it.
  • In the right-hand menu, click on Create a self-signed certificate…
  • Enter a friendly name for the certificate. Choose something that is easy to recognize.
  • The certificate is created. It expires after one year.

How to enable FTPS on an FTP site?

Once you have an SSL certificate, you can enable FTPS on your FTP site. Here are the steps to follow:

  • Open Internet Information Services (IIS) Manager.
  • Select the FTP site in the left tree, then double-click on FTP SSL Settings to open it.
  • Select the certificate you just created or already own from the drop-down list.
  • You can choose between two encryption modes: explicit or implicit. Explicit mode allows the client to choose whether or not to use FTPS. Implicit mode forces the use of FTPS and uses port 990 instead of port 21. Choose the mode that best suits your use case.
  • You can also require an SSL connection for anonymous or authenticated users, or for all users. If you only want to use FTPS, check the box labeled "An SSL connection is required".
  • When you have finished, click Apply in the right-hand menu.
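
A scripted equivalent of the steps above, added here as an example rather than taken from the original article. It assumes an elevated PowerShell session on the IIS server with the WebAdministration module, and a certificate stored in the local machine Personal store; `MyFtpSite` and `FTPS test cert` are placeholder names.

```powershell
Import-Module WebAdministration

$siteName     = 'MyFtpSite'       # placeholder: name of your FTP site in IIS
$friendlyName = 'FTPS test cert'  # placeholder: friendly name given to the certificate
$sitePath     = "IIS:\Sites\$siteName"

if (-not (Test-Path $sitePath)) { throw "FTP site '$siteName' not found." }

# Find the certificate by friendly name; refuse ambiguity, a missing private key or expiry.
$certs = @(Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.FriendlyName -eq $friendlyName -and $_.HasPrivateKey })
if ($certs.Count -ne 1) {
    throw "Expected exactly one certificate named '$friendlyName', found $($certs.Count)."
}
$cert = $certs[0]
if ($cert.NotAfter -le (Get-Date)) { throw "Certificate expired on $($cert.NotAfter)." }

# Bind the certificate to the FTP site (the drop-down list in IIS Manager).
$ssl = 'ftpServer.security.ssl'
Set-ItemProperty $sitePath -Name "$ssl.serverCertStoreName" -Value 'My'
Set-ItemProperty $sitePath -Name "$ssl.serverCertHash"      -Value $cert.Thumbprint

# Require TLS on the control channel (credentials, commands) and on the
# data channel (file contents, listings), so neither can fall back to clear text.
Set-ItemProperty $sitePath -Name "$ssl.controlChannelPolicy" -Value 'SslRequire'
Set-ItemProperty $sitePath -Name "$ssl.dataChannelPolicy"    -Value 'SslRequire'

# Read the settings back so the effective policy is visible in the output.
foreach ($name in 'controlChannelPolicy', 'dataChannelPolicy', 'serverCertHash') {
    $value = Get-ItemProperty $sitePath -Name "$ssl.$name"
    # The IIS provider wraps some attributes in an object with a Value property.
    if ($value -isnot [string]) { $value = $value.Value }
    '{0,-22} {1}' -f $name, $value
}
```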

How do I test connectivity with an FTP client?

To test connectivity with your FTPS server, you need to use an FTP client that supports SSL encryption. For example, you can use WinSCP, a free and open-source client. Here's how:

  • Download and install WinSCP on your computer.
  • Launch WinSCP and create a new session.
  • Enter the address, port, username, and password of your FTPS server. If you are using implicit mode, the port is 990. Otherwise, it is 21.
  • Choose FTP as the file protocol and check the SSL/TLS encryption box.
  • Click on Login.
  • You will receive a warning if your certificate is self-signed or unrecognized. This is normal, as it indicates an untrusted certificate. If you wish to proceed, click Yes and authorize it.
  • You should see the files and folders on your FTPS server. In the bottom right corner, you will see a key icon indicating that the connection is encrypted.
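
A successful encrypted login does not show whether the server still accepts unencrypted logins. The check below is an added example, not part of the original article: it sends a clear-text `USER` command to an explicit-mode server on port 21 and reports whether the server refuses it. The host name `ftp.example.test` and both function names are placeholders.

```powershell
function Read-FtpReply {
    param([System.IO.StreamReader]$Reader)
    # A reply ends with a line of the form "NNN text"; "NNN-text" lines continue it.
    do { $line = $Reader.ReadLine() } while ($null -ne $line -and $line -notmatch '^\d{3} ')
    return $line
}

function Test-FtpPlaintextRefused {
    param([Parameter(Mandatory)][string]$Server, [int]$Port = 21)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $client.ReceiveTimeout = 10000   # milliseconds
        $client.Connect($Server, $Port)
        $stream = $client.GetStream()
        $reader = New-Object System.IO.StreamReader($stream, [System.Text.Encoding]::ASCII)
        $writer = New-Object System.IO.StreamWriter($stream, [System.Text.Encoding]::ASCII)
        $writer.NewLine   = "`r`n"
        $writer.AutoFlush = $true

        $banner = Read-FtpReply $reader
        if ($banner -notmatch '^220 ') { throw "Unexpected greeting: $banner" }

        # No AUTH TLS has been sent, so this USER command travels in clear text.
        $writer.WriteLine('USER anonymous')
        $reply = Read-FtpReply $reader
        if ($null -eq $reply) { throw 'Connection closed before a reply was received.' }
        $writer.WriteLine('QUIT')

        # 4xx/5xx: the server rejected the clear-text login attempt.
        # 2xx/3xx: it accepted the user name without TLS.
        [pscustomobject]@{
            Server           = "${Server}:$Port"
            Reply            = $reply
            PlaintextRefused = ($reply -match '^[45]\d\d ')
        }
    }
    finally { $client.Close() }
}

Test-FtpPlaintextRefused -Server 'ftp.example.test'   # placeholder host name
```

Read the `Reply` text as well as the flag: a rejection can also mean that anonymous access is disabled rather than that SSL is required.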

FAQs

Here are some frequently asked questions about FTPS:

What is the difference between FTPS and SFTP?

FTPS is an extension of the FTP protocol that uses SSL to encrypt communications. SFTP is a separate protocol that uses SSH to establish a secure connection and transfer files. Both protocols offer a high level of security, but they are not compatible with each other. You must choose the protocol based on the server and client you are using.

What are the disadvantages of FTPS?

FTPS has some disadvantages compared to classic FTP:

  • It requires the purchase or acquisition of a valid SSL certificate, or the creation of a self-signed certificate, which clients do not trust.
  • It can be blocked by some firewalls or routers that do not support SSL encryption.
  • It can be slower than FTP due to the time required to establish the secure connection and encrypt the data.

How do I renew or change the SSL certificate used by FTPS?

To renew or change the SSL certificate used by FTPS, you must follow the same steps as for activation. First, you need to obtain a new SSL certificate and then select it in the FTP SSL settings of your FTP site. You must also inform your clients of the certificate change and ask them to accept the new certificate when connecting.

How do I disable FTPS if I no longer need it?

To disable FTPS, you need to modify your FTP site's SSL settings. You can choose not to use an SSL certificate, or not to require an SSL connection for users. You must also inform your clients of the protocol change and ask them to connect using standard FTP.

What other secure file transfer protocols can I use?

Besides FTPS, you can use SFTP, as mentioned earlier, or HTTPS. HTTPS is the protocol used by secure websites. It also uses SSL to encrypt communications. You can use HTTPS to transfer files using a web browser or a dedicated client. You must configure a website in IIS and enable SSL encryption to use HTTPS.

Conclusion

This article covered how to set up FTPS on a Windows-based FTP server and how to connect to that server with a compatible FTP client. FTPS is a simple and effective solution for securing your file transfers over the internet or a local network. It allows you to protect your data from attacks and comply with security and regulatory standards. However, you may encounter a problem connecting to the FTPS server and see the error message: "The server's IP address could not be found." To resolve this error, you should check several things, such as the server address, your internet connection, your firewall, your SSL certificate, and your computer's date and time. If the problem persists, contact the server or client's technical support.

Hello me, it's François :) Editor in my spare time who loves sharing his passion: TT High tech! 😍 Whether it's hardware, software, video games, social media and many other areas on the site. I share with you my analyses, my tests, tutorials and my favorites on various media. I am a knowledgeable and demanding technophile, who does not just follow fashion, but who seeks to guide you towards the best solutions. So stay tuned!