Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. crt.sh | example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.
My domain is: joelmueller.ch
I ran this command:
It produced this output:
My web server is (include version): nginx vsftpd
The operating system my web server runs on is (include version): ArchLinux
My hosting provider, if applicable, is:
I can login to a root shell on my machine (yes or no, or I don't know): yes
I'm using a control panel to manage my site (no, or provide the name and version of the control panel): no
The version of my client is (e.g. output of certbot --version or certbot-auto --version if you're using Certbot): acme
Hi,
I have a working wildcard cert.
How can I use as vsftpd SSL Cert for ftp.joelmueller.ch
I used fullchain.pem and joelmueller.ch.key as fullchain.csr and 1:1 as key.
Have I to convert fullchain.pem with OpenSSL?
Have I to use private.key or joelmueller.ch.key?
FileZilla do reclamation with my SSL Setup other clients like lftp are working. Why?
My advice? Don't use FTPS for file transfers. IMO the best option is to use SFTP. A subtle difference in abbreviation, but a BIG difference in the underlying technique. FileZilla can also do SFTP.
The link I provided used certbot to get the cert files and that does create a privkey.pem and fullchain.pem for wildcard certs. The author of that article successfully used certbot with vsftpd. I am sorry if the article was not helpful. As noted I do not have personal experience with vsftpd.
A .key file is often a valid .pem file and needs no conversion. I don't understand how you got the files you describe so don't know how to advise.
I get the files over ace-me client on OPNsense(FreeBSD13) machine and after I transfer to the remote machine over scp. So I have only to change private.key to privkey.pem? and what is the second key? (joelmueller.ch.key) or have I to merge both keys in one privkey.pem?
Yeah, I am sorry but I do not understand how you are describing your cert and key files. And, I could not find any info on an ace-me program for OPNsense.
Your post said you have an nginx server although I cannot reach it on https://joelmueller.com (it times out). I can reach it using http but the http response headers do not identify it as nginx (which is optional).
If you get your nginx server working with https and your wildcard you would use the same two files in vsftpd as you used for it. For example, if these are your valid nginx lines: