FTP uses one-way TLS by default, as the use_ssl parameter is set to 'try' (meaning optional), along with the verify_peer and verify_host parameters set to true. To use two-way mTLS, you can provide the following ssl related parameters: | Code Block |
|---|
| local r, c, h = net.ftp.init{
server='ftp://speedtest.tele2.net',
username='anonymous',
certificate_file=iguana.workingDir()..'configurations/web/cert.pem',
private_key_file=iguana.workingDir()..'configurations/web/key.pem',
live=true
} |
Below is the full list of available ssl related parameters. See the built-in help documentation in the Translator for additional details: Parameter | Description | Default |
|---|
use_ssl | Enable explicit SSL mode, Valid options: | try
| certificate_file | The name of your certificate file. | | certificate_type | Your certificate's type: PEM or DER. | PEM
| private_key_file | The name of your private key file. | | private_key_pass | The password to access your private key. | | private_key_type | Your private key's type: PEM, DER, or ENG. | PEM
| ssl_engine | The engine to use with 'key_type' ENG. | | verify_peer | Ensures that the server's certificate is valid and trusted by verifying it against a CA. | true
| verify_host | Ensures that the server's certificate is specifically intended for the hostname you are connecting to. | true
| ca_file | The certificate(s) file to use for peer verification. | | issuer_cert | The PEM certificate file to validate the issuer of the peer's certificate during peer validation. | | crl_file | The name of the certificate revocation list to use during peer validation. | | ssl_version | Use a particular SSL version(s). Possible values for ssl_version are tls-v1, tls-v1.1, tls-v1.2, tls-v1.3. See Overriding TLS Defaults. | Tries tls-v1.3 and then tls-v1.2. | cipher_list | Provide a list of ciphers in OpenSSL format to use. See Overriding TLS Defaults. | | cipher_suite_list | Provide a list of TLSv1.3 cipher suites in OpenSSL format to use. See Overriding TLS Defaults. | |
|