How-To Install UFTP for Testing
Overview
This guide explains how to set up a complete UFTP test environment consisting of a UFTPD server, an Auth server, and a UFTP client using the provided test certificates. All components can be installed on a single machine, making the setup suitable for evaluation and functional testing.
Warning
This setup is intended for testing only. The included certificates are not suitable for production use. Production deployments must use certificates issued by a trusted Certificate Authority (CA).
Prerequisites
Java 11 or later (OpenJDK or Oracle Java recommended)
Python 3.6 or later
The UFTPD server listening port must be reachable through your firewall. If stateful firewall inspection is enabled, configure the port for FTP connection tracking. Alternatively, configure and open a fixed range of data ports.
The UFTPD command port must be accessible from the Auth server.
For encrypted data transfers, the Python Crypto module is required. It can be installed using:
python3 -m pip install pycryptodome
Installation and Configuration
To set up a complete test environment, install the following components:
Install and run a UFTPD server as described in UFTPD Server Installation.
Install and run an Auth server as described in Auth Server Installation.
Install the UFTP client as described in UFTP Client Installation.
All components can be installed on the same machine for testing purposes.
Authentication and File Transfer Flow
In this setup, the UFTP client authenticates using only a username and password. No client certificate is required.
The authentication and data transfer process works as follows:
The UFTP client sends the username and password to the Auth server via HTTPS.
The Auth server validates the credentials using the password file (
userdb.txt) and maps the authenticated user to a local account usingsimpleuudb.If authentication succeeds, the Auth server issues a transfer ticket.
The UFTP client uses this ticket to connect to the UFTPD server.
The UFTPD server validates the transfer ticket using its configured truststore (
cacert.pem), which contains the CA certificate used to verify the Auth server.If the ticket is valid, the file transfer is started.
Only the Auth server and the UFTPD server require certificates
(auth.p12 and uftpd.pem).
The client does not require a certificate. Authentication is performed
using only a username and password.
Testing the Installation
To verify that the installation was successful, run the functional and performance tests described in Testing the UFTPD Server.
These tests use the UFTP client to connect to the Auth server and the UFTPD server and verify authentication, file transfers, and performance.
Troubleshooting
Authentication failures
Check:
username/password
userdb.txtAuth Server logs
ACL errors
Check:
conf/uftpd.aclcertificate DNs
TLS trust configuration
Certificate trust problems
Verify:
conf/cacert.pemcertificate validity
certificate subjects
matching CA certificates
Permission denied errors
Verify:
Unix user exists
directory permissions
configured
USER_NAME