THE INFORMATION IN THIS ARTICLE APPLIES TO:
- EFT Server (All Versions)
- Secure FTP Server (All Versions)
Do Secure FTP Server and EFT Server support SSL SGC?
Most of the FTP clients use a minimum of 128-bit encryption. The purpose of the certificate is to ensure that if an older browser with a low encryption, say 40-bit, connects it is forced to use 128-bit encryption. "Verisign Pro" or SGC certificates are not compatible with Secure FTP Server.
SGC was created as an extension to SSL for consumers with export versions of web browser software to use strong cryptography for financial transactions. That is a "legacy" mechanism that allows low-strength ciphers to be upgraded to high-strength ciphers at negotiation time.
SGC allows users with an export version browser to temporarily step-up to 128-bit SSL encryption if they visit a web site with an SGC compatible SSL certificate, such as Thawte’s SGC SuperCert. Without an SGC certificate on the web server, web browsers and PCs that do not inherently support 128-bit strong encryption, receive only 40 or 56-bit encryption.