vsftpd won't start with SSL


So I’ve configured vsftpd using yast2 ftp-server and I was wondering why it wouldn’t start. After disabling the SSL option, the server seems to start just fine.

Here’s the output I get when trying to start with SSL enabled (TLS only). vsftpd doesn’t seem to log to /var/log/vsftpd.log for whatever reason, so this is all I have.

i-ghost@pandora:~> sudo systemctl status vsftpd
vsftpd.service - Vsftpd ftp daemon
          Loaded: loaded (/usr/lib/systemd/system/vsftpd.service; enabled)
          Active: failed (Result: exit-code) since Mon, 2013-06-24 13:13:15 BST; 6min ago
         Process: 7978 ExecStart=/usr/sbin/vsftpd /etc/vsftpd.conf (code=exited, status=2)
          CGroup: name=systemd:/system/vsftpd.service

Jun 24 13:13:15 pandora.i-ghost.co.uk systemd[1]: Starting Vsftpd ftp daemon...
Jun 24 13:13:15 pandora.i-ghost.co.uk systemd[1]: Started Vsftpd ftp daemon.
Jun 24 13:13:15 pandora.i-ghost.co.uk systemd[1]: vsftpd.service: main process exited, code=exited, status=2/INVALIDARGUMENT
Jun 24 13:13:15 pandora.i-ghost.co.uk systemd[1]: Unit vsftpd.service entered failed state

Here’s my config file.

The pem file is a self-signed cert generated from a 2048 bit DSA key. Yast asked for a DSA cert, so I figured that’s what it needed, although I guess I’m probably wrong. Trying the other SSL options (v2, v3) also fails.

EDIT: I should also mention this is 12.3; I’m in the process of patching the system to latest using zypper as this is a fairly fresh install.

Any help would be appreciated. Thanks.

Nevermind, after switching to an RSA cert and using this tutorial, I’ve successfully configured the daemon to use SSL/TLS. I just needed to switch “dsa_cert_file” to “rsa_cert_file” as it seems vsftpd doesn’t seem to like DSA certs.

If a moderator could mark this topic as closed I’d appreciate it.