OpenSSL error while trying to connect FTPS: dh key too small

Website URL

Error Message

Cannot read file attributes of "ftp://[MY_USERNAME]".

Cannot read directory "/".
CURLE_SSL_CONNECT_ERROR: OpenSSL/3.2.0: error:0A00018A:SSL routines::dh key too small
234 AUTH TLS OK. [curl_easy_perform]

Other Information

Hello community!
I’m using FreeFileSync to syncronize my local files with remote webserver via FTP over explicit SSL/TLS (ftps).
AFAIK this error is due to weak cyphers used on server side.
Any way to fix it?

FTPS is not supported here, only FTP on port 21 is.

EDIT: Sorry, got SFTP and FTPS confused. FTPS should work here, hopefully Admin will be able to provide more information or pass this on to the server admins.

Thanks @ChrisPAR for catching that


Our FTP server has a bit older security setting to ensure better compatibility with older devices. However, the unfortunate side effect is that it doesn’t work with modern OpenSSL out of the box.

Updating the SSL/TLS security settings of the FTP server is on the wishlist, but it may take some time before this is actually done.

In the mean time, you can work around this by tweaking your OpenSSL settings. In the OpenSSL config file, there should be a setting CipherString. If you set this to DEFAULT@SECLEVEL=1, you should be able to communicate with our FTP server without any issues.

Alternatively, you could not use TLS, but outdated TLS is much better than no TLS.


This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.