CentOS vsftpd + LetsEncrypt + FileZilla = GnuTLS error -15: An unexpected TLS packet was received


#1

Hello

using CentOS : Linux 2.6.32-696.23.1.el6.x86_64 #1 SMP Tue Mar 13 22:44:18 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux

using vsftpd version 2.2.2

using FileZilla client : 3.24.1 on Fedora 25

A newly installed Let’s Ecrypt certificate :

IMPORTANT NOTES:

  • Congratulations! Your certificate and chain have been saved at:
    /etc/letsencrypt/live/my.domain.be/fullchain.pem

Config vsftpd.conf :

ssl_enable=YES
allow_anon_ssl=NO
force_local_data_ssl=YES
force_local_logins_ssl=YES
ssl_tlsv1=YES
ssl_sslv2=NO
ssl_sslv3=NO
rsa_cert_file=/etc/letsencrypt/live/my.domain.be/cert.pem
rsa_private_key_file=/etc/letsencrypt/live/my.domain.be/privkey.pem
require_ssl_reuse=NO
ssl_ciphers=HIGH

When trying to connect with FileZilla client I get error :

|Status:|Connection established, waiting for welcome message…|
|Response:|220 Welcome to FTP service.|
|Command:|AUTH TLS|
|Response:|234 Proceed with negotiation.|
|Status:|Initializing TLS…|
|Status:|Verifying certificate…|
|Status:|TLS connection established.|
|Command:|USER myuser|
|Response:|331 Please specify the password.|
|Command:|PASS **********|
|Error:|GnuTLS error -15: An unexpected TLS packet was received.|
|Error:|Could not connect to server|

What could be the issue here ?


#2

I would guess that the remote server terminated the connection, rather than any issue occurring at the TLS transport level.

Without knowing what the domain is, or a packet capture of the session, I don’t see what kind of assistance you can expect.


#6

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.