Specifically disable certificate verification in lftp
LFTP is a great FTP program that I use quite regularly. I recently had a problem connecting to a server (that I didnt control) and getting the following error due to the cert being self signed:
LFTP is a great FTP program that I use quite regularly. I recently had a problem connecting to a server (that I didnt control) and getting the following error due to the cert being self signed:
mirror: Fatal error: Certificate verification: Not trusted (E3:14:86:7A:6F:2D:09:9A:40:E8:0F:E0:CF:3F:DE:2C:11:1E:9F)
There are a couple of ways to handle this (outside asking the server owner to use letsencrypt :D).
The most limited option and probably the best to minimise the security implications is to create an exemption for the specific domain and only for one user that lftp is being run under. This acomplished by editing/creating a file ~/.lftprc
and adding the following line edited for the domain you'd like:
# Either a wildcard like this
set ssl:verify-certificate/*.m00nie.com no
# Or a specific domain like this
set ssl:verify-certificate/ftp.m00nie.com no
You can add the same enteries as above into /etc/lftp.conf
to disable caritifcate validation for all users on your server. You can also disable certificate validation completely for all certs with the line below but this isnt really advisable or what you want
# disabled all certificate validation - You probably do not want to do this!
set ssl:verify-certificate no
m00nie