The SSL tab is one of the tabs in the Communication Setup property sheet. Using FTPS, sessions are protected from eavesdropping, tampering, or message forgery over TCP/IP. PASSPORT FTP implements FTPS according to IETF RFC 4217: Securing FTP with TLS. The PASSPORT FTP Client connects to the FTP server and begins an unencrypted FTP session as it normally would, then requests that SSL security be used through the AUTH TLS command, and performs the necessary SSL handshake.
Accept Self-Signed Certificates
Enable to accept a self-signed server certificate.
Accept Expired Certificates
Enable to accept a server certificate that has expired.
Accept Not Yet Valid Certificates
Enable to accept a server certificate that has a starting date in the future.
Accept Invalid Certificates
Enable to accept if the server certificate is invalid for any reason other
than the date or signature. With this option enabled, the server certificate
check will be ignored.
Select Action to Take if Certificate
Not Accepted
This option determines how PASSPORT will respond to any items above that
are unchecked. The items above that are checked will ignore this option
and allow the certificate.
Choose one of the following:
Ignore Warning and Connect
Prompt for User Action
Do Not Connect
Enable Client Authentication
Enable to accept client certificates and select the client certificate
to be used from the drop down.
Encrypt Data Channel
Enable encryption of the data channel. The security standard for FTP states
that the data channel remains insecure by default. This means that SSL
encryption would usually only be enabled on the command channel. Although
this would protect from eavesdropping of user names, passwords and file
locations, the uploaded and downloaded files would remain vulnerable.
By setting the data channel to be encrypted, PASSPORT does not have to
implicitly state encryption of the data channel.
Setting the Available Encryption Protocols
To enable or limit the available encryption protocols, you can edit the
Passport FTP profile as follows:
In the [Connection] section of Passport FTP client .zfc file or [FTP Server] section of Passport .zws file, add following line:
SSLEnabledProtocols=xxx
Where xxx can be any combination of following:
SSL 3 Client/Server: 48
TLS 1.0 Client/Server: 192
TLS 1.1 Client/Server: 768
TLS 1.2 Client/Server: 3072
For example, if you want to support all of above it will be:
SSLEnabledProtocols=4032
This will support TLS1.0, 1.1 and 1.2 (192+768+3072=4032)