How to: use a CA-issued certificate (the long way) Server! version: 4.0.0+

If you already own an X.509 (SSL/TLS) digital certificate in PFX format, you know how simple it is to import it into your Server! and use it.

But many of our customers asked for a tutorial on the longer procedure of requesting a digital certificate to a certification authority (CA) via a certificate signing request (CSR). So here’s the fully documented procedure for you.

First of all you have to generate the CSR, and to do that you will simply go to the Security->FTP(E/S) menu and select the option in the picture below from the certificate drop-down menu: Continue reading

HTTPS “connection not private/secure” – what it is? Server! version: 4.0.0+

After installing Server! v4.0 you will be able to manage it securely via web interface over HTTPS.

Now, a very common choice is to use a self-signed certificate, because it saves money and if you know what you’re doing it doesn’t compromise security. This is, in fact, the most common choice among our users (according to our surveys).

But if you use a self-signed certificate, your browser will warn you that your connection may not be private or secure. That’s because self-signed certificates are often used for man-in-the-middle (MitM) attacks. But this is not the case, of course, if you can verify that this particular self-signed certificate was created by you and for you.

To get rid of this annoying message, you basically have 2 options:

  1. Spend some money to buy a trusted X.509 (SSL/TLS) certificate from a Certification Authority like DigiCert, Comodo, Thawte, and the like. It goes without saying that this is the recommended choice, as it takes advantage of the inherent trust chain provided by the Certification Authority.
  2. Verify and accept the self-signed certificate you have just created and add it to the trusted keychain of your browser. In this case you are advised to always verify the certificate’s fingerprint to make sure it’s really the one you created yourself, and that you’re not a victim of a Man-in-the-Middle (MitM) attack.

Continue reading

FTPS Server Certificate: best practices

Upon installation, Server! auto-generates a self-signed X.509 (SSL/TLS) Server Certificate to be used for implicit and explicit FTP (aka FTPS and FTPES). However, such certificate carries the name of “Syncplify” in the organization field, and the common name (CN) field is only suitable for localhost ( Therefore you may want to generate your own certificate, or buy one from a trusted Certification Authority (CA).

If a self-signed certificate is enough for you (and for all clients that will connect to your server), then you can simply use Server!’s internal certificate generator as follows. Simply click the “gear” button on the FTP(S) tab of the Configuration manager. Continue reading

SSH Server Key ≠ FTPS (SSL/TLS) Server Certificate

From time to time our users ask how to use their X.509 (SSL/TLS) certificate for SFTP.

The one-line answer is: it’s not possible. But let’s dig into the topic and explain why, and above all how to implement server certificate and keys correctly.

First of all it is important to identify which protocol we intend to use, and what are its peculiarities: Continue reading Server! v2.0.7.27 hot-fix 1

If you have downloaded and installed Server! v2.0.7.27 in the past 6 days, and are experiencing problems with the X.509 certificate on your FTPS (or FTPES) connections, please download v2.0.7.27-hotfix-1 from our web site, and update your instance.

This is a pure hot-fix release, nothing else has been changed, no improvements were made, and no features were altered. Therefore, if you are not experiencing any trouble, you won’t need this update. Thank you.