require-tls
This command controls whether FTP control connections for the FTP server handler require TLS encryption.
Syntax
- Use FTP without TLS
- require-tls off
- Use explicit FTP over TLS
- require-tls explicit
- Use implicit FTP over TLS
- require-tls implcit
Parameters
off
- Use FTP without TLS. This setting is the default value.
explicit
- Use explicit FTP over TLS. The client must negotiate encryption with the FTP AUTH TLS command.
implicit
- Use implicit FTP over TLS. The client immediately challenges the server with a TLS
ClientHello
message.
Guidelines
The require-tls command controls whether FTP control connections require TLS encryption.
When either
explicit
or implicit
, you must complete the
configuration with the following commands.- Specify the TLS profile type with the ssl-config-type command.
- Specify which TLS profile to secure the connection.
- Specify a TLS server profile with the ssl-server command.
- Specify a TLS SNI server profile with the ssl-sni-server command.
To support TLS encryption, ensure that the associated user agent defines the information to contact the FTP server. Use the User Agent ftp-policy command to define this configuration.