FTP errors can be frustrating. Especially, when you cannot access your own hosting space.

One such error is FTP Certificate Expired.

At Bobcares, we fix many FTP errors for our customers as part of our Technical Support Services.

Just as the error indicates, it happens when the FTP server has a wrong SSL certificate.

Today, we’ll see how our Support Engineers diagnose and fix FTP Certificate Expired error.

When does FTP Certificate Expired error show up?

Firstly, let’s check the typical scenario in which this error happens.

One of our customers reported this error when he was trying to connect to his website via FTP client FileZilla.

Many FTP clients allow secure connection in FTP. To ensure security, this customer was also using the option “Use explicit FTP over TLS if available” in FileZilla.

Surprisingly, the customer had already setup SSL certificate for his domain. And, still he was getting error! The exact screenshot of the error looked like this.

What causes the Certificate Expired error?

Basically, FTP Certificate Expired error happens when the SSL certificate is no longer valid. Every SSL certificate comes with a validity period.  For normal SSL certificates the time period will be 1 year, while the free Let’s Encrypt certificates expire every 90 days.

For example, in the screenshot of the FTP error, the validity was already over. Therefore, FTP session was no longer secure and FileZilla reported the error.

[Do you know that with proper monitoring of FTP servers you can completely avoid FTP certificate expired errors? Contact us to add 24×7 monitoring for your server.]

How we fix FTP Certificate Expired error

Now, let’s see the fix for FTP Certificate Expired error.

Mainly, our Support Engineers ensure that the ftp server and the domain has a valid SSL certificate. But, this process differs slightly based on the certificate that has expired. We’ll check them in detail here.

1. Expired Dedicated SSL

When the dedicated SSL certificate of your domain is the one that is expired, our Support Engineers replace them with the valid SSL certificates. This involves changing the path of the SSL certificate and key files in the web server configuration. Then, for the changes to be effective, we do a restart of the web server.

Again, when there are control panels like Plesk installed on the server, the steps become more easy. Here, we login to the Plesk Panel and fix the Let’s Encrypt certificate from

Plesk > Tools & Settings > SSL/TLS Certificates > Let’s Encrypt 

For customers that do not wish to use Dedicated SSL, there are options to use self-signed SSL certificates. The self-signed certificate will be in the name of server hostname. As a result, these certificates will give a warning that domain name do not match the certificate.

2. Expired SSL on IP address

Similarly, when customer is using a shared IP address, expired SSL certificate on IP address also can show FTP errors. Here, our Support Engineers fix the problem by adding proper SSL certificate for the shared IP address.

For instance in Windows server, we fix the FTP error by replacing the expired certificate for FTP in the IIS. For this, we connect to the windows server via Rdesktop first. Then, connect to IIS and set valid SSL certificate from the option:

IIS > Server_name > Sites > IP Address > FTP SSL Setting.

Additionally, in Plesk servers, we ensure that the server SSL certificate is also valid.

And, with proper SSL certificate, FileZilla FTP connection works like a charm!

[Need help to fix certificate expired error in FTP? We can fix it instantly.]

Conclusion

In short, FTP Certificate Expired error happens when the SSL certificate on FTP server is expired. Today, we saw how our Support Engineers find the root cause for the error and fix it.