From 3b96845f8a5eba5131b3305c2700f786d65e8b42 Mon Sep 17 00:00:00 2001
From: dynanode <67394436+dynanode@users.noreply.github.com>
Date: Thu, 25 Jun 2020 13:59:51 +0200
Subject: [PATCH] Update vsftpd.conf to support TLS connections

Updated config to support TLS 1.2 connections to vsftpd only.
---
 install/rhel/7/vsftpd/vsftpd.conf | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/install/rhel/7/vsftpd/vsftpd.conf b/install/rhel/7/vsftpd/vsftpd.conf
index 6e11268df..26efb9586 100644
--- a/install/rhel/7/vsftpd/vsftpd.conf
+++ b/install/rhel/7/vsftpd/vsftpd.conf
@@ -22,3 +22,16 @@ pasv_enable=YES
 pasv_max_port=12100
 pasv_min_port=12000
 use_localtime=YES
+ssl_enable=YES
+allow_anon_ssl=YES
+force_local_data_ssl=YES
+force_local_logins_ssl=YES
+ssl_tlsv1_2=YES
+ssl_sslv2=NO
+ssl_sslv3=NO
+require_ssl_reuse=YES
+ssl_ciphers=HIGH
+idle_session_timeout=600
+data_connection_timeout=120
+rsa_cert_file=/usr/local/vesta/ssl/certificate.crt
+rsa_private_key_file=/usr/local/vesta/ssl/certificate.key