Month: June 2014

We have just finished with the implementation of mutual (two-way) TLS connections (#5883) for secured FTP and WebDAV (HTTPS) connections. When a server requests a client certificate for authentication, a prompt is displayed to choose a certificate with a private key that matches the given issuer name requested from the server. Matching certificates are searched for in the Keychain on OS X or the Windows Certificate Manager respectively.

 

 

To configure your server for mutual TLS authentication, refer to corresponding documentation.

• Apache HTTPD Client Authentication and Access Control
• ProFTPD TLS Client Authentication
• The configuration options validate_cert, ca_certs_file in vsftpd
• Mutual SSL authentication should also work with OpenStack Keystone deployment using PKI deployments.

This feature is currently available in the latest 4.5 beta build.

Interoperability with different providers of Swift (OpenStack Object Storage) has been a field of attention in the latest maintenance release of Cyberduck. We are now defaulting to use version 2.0 (Keystone) for authentication with the OpenStack Identity Service with consecutive fallback strategies for different options of tenant specifiers. To use the  version 1.0 (devauth) authentication method with a legacy OpenStack deployment, download the Openstack Swift (v1) profile.