Products > Security

FileZilla with Let's Encrypt


Setting up a new FTP today.  I've used FZ before, seems reasonable enough.  Let's go get the current version and see.

I see an option for Let's Encrypt, integrating the ACME interface.  Cool.

I already have an account for that, even.  So I just need to... hmm, no, I can't just link it with my existing account, it looks like it has to make a completely new one?  Weird.

Well, I don't need to administer it that way either, I can just point it to the same files then.


LE doesn't make a private key file though.  I see the PEM and PFX files.  Do those work?

It doesn't even tell me what extensions it's looking for...

(From what I've seen in searching, it seems to want a *.key and *.pem respectively.  Still not entirely sure.  It seems to do nothing about an incorrect file, and one of them seems to use the *.pem but without the *.key it emits some random bullshit gnuTLS error. Thanks.)

No one is talking about this, any conceivable query I search on returns irrelevant results: sure, configure LE integration, but I don't want that; configure a 3rd-party cert (with all the related files included as a package), no not quite the same thing; it seems like the more insistent I am, trying to query this one narrow subject, the harder it pushes me towards something completely not that.

Am I just a complete idiot?  I know I don't know much about certificates and keys, as actually used by applications.  Is this just a question that is -- and I've somehow managed to miss this -- so immediately, patently obvious, that no one dares ask it?

As near as I can tell -- besides the fact that it says LE integration right there -- it wants a x.509 cert, that LE provides, and so, I should be very reasonably assuming, that it can just, *hands bumping together gesture, "now kiss"* and, that'd be that, right?

Is it hidden by intent, not coincidence?  I notice Filezilla is doing this "Pro" shit and I'm guessing, besides integration of commercial services, they want money for support too.  I get it, but that's no excuse for utterly crippling your supposed-free ware.  I'm not even seeing basic documents like what the fields are on the fucking dialog.  Also, version 1.1.0 is apparently so new, nobody's even screenshotted it; I see hits with the respective dialog for version 0.9.60-something.  Which again, do nothing with the particular text fields I'm trying to figure out.

Is this just a complete fucking waste of time, do I generate a self-signed cert and just leave it?  Will that do anything with respect to my domain?  (So obviously, yes this will be ftp on my domain, and no, it won't be public/anon, don't bother probing it etc...)



[0] Message Index

There was an error while thanking
Go to full version