Implicit vs. Explicit SSL - KB Article #1088Related Articles --
The difference between Implicit and Explicit SSL is a matter of connection, and commands. Briefly the difference is:
- Implicit - Assumes that the server is expecting everything encrypted using SSL. This means that when the client first connects to the server it will immediately negotiate the SSL connection on the command connection. Normally Implicit connections are also on a different port such as port 990.
- Explicit - A normal FTP connection is established, usually on the standard port 21. However, after connecting, the client will send a command to switch to SSL mode. This command is "AUTH SSL". When this command is sent the server will respond normally, then establish an SSL connection.
With both, the data connection is always fully encrypted with SSL.
NOTE: The terminology in Serv-U is slightly different than above:
- Allow only SSL/TLS sessions --> Implicit SSL
- Allow SSL/TLS and regular sessions --> Explicit SSL