Mutual TLS for FTP and WebDAV

We have just finished with the implementation of mutual (two-way) TLS connections (#5883) for secured FTP and WebDAV (HTTPS) connections. When a server requests a client certificate for authentication, a prompt is displayed to choose a certificate with a private key that matches the given issuer name requested from the server. Matching certificates are searched for in the Keychain on OS X or the Windows Certificate Manager respectively.

 

 

To configure your server for mutual TLS authentication, refer to corresponding documentation.

• Apache HTTPD Client Authentication and Access Control
• ProFTPD TLS Client Authentication
• The configuration options validate_cert, ca_certs_file in vsftpd
• Mutual SSL authentication should also work with OpenStack Keystone deployment using PKI deployments.

This feature is currently available in the latest 4.5 beta build.