The ftp secure-server ssl-policy command configures a Secure Sockets Layer (SSL) policy for an FTP server.
The undo ftp secure-server ssl-policy command deletes an SSL policy configured for an FTP server.
By default, no SSL policies are configured for FTP servers.
| Parameter | Description | Value |
|---|---|---|
policy-name |
Specifies the name of an SSL policy. |
The value is a string of 1 to 23 case-insensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string. |
Usage Scenario
FTP transmits data in plain text. This may cause transmitted data to be tampered with, bringing security threats. To improve data transmission security, run the ftp secure-server ssl-policy command to configure an SSL policy on the FTP server.
Configuration Impact
After an SSL policy is configured, the FTP client and server negotiate session parameters, establish a connection, and transmit data based on the SSL policy. You can use an FTP client to log in to a device enabled with the FTPS server function to securely operate files transmitted between the client and server.
Prerequisites
Precautions
An FTP server can be configured with only one SSL policy. If several SSL policies are configured, the last one takes effect.
The FTP server needs to apply for a digital certificate, and the FTP client needs to apply for a trusted-CA file to verify the validity of the server's certificate.