Skip to main content
Skip table of contents


Much like HTTPS, but unlike SSH, FTPS servers can sometimes be required to provide a public key certificate. This certificate must be signed by a certificate authority.

If it is not signed, some FTPS clients will generate a warning stating that the certificate is not valid. Whether or not to trust such certificate is your choice.

The FTPS servers may optionally require user to authenticate with a client certificate.

The client certificate typically needs to be signed by a certificate authority trusted by the server.


Supported client certificate file formats are:

  • Personal Information Exchange – PCKS #12 (.pfx or .p12);

  • Base64 encoded PEM X.509 (.pem or .key), either:

    • containing both private key and the certificate;

    • containing a private key only, with certificate in a separate file. The certificate needs to have the same base name as the private key, with .crt or .cer extensions and be in the Base64 encoded PEM X.509 format or binary DER format.

How To Import a Certificate

1. Navigate to the Organization - Certificates page.

2. Click + Import Certificate button on top left.

3. Name the Certificate, choose the Certificate type, supply a Pass Phrase and click Import.

When using Thru’s FTPS server endpoint with a client certificate, the certificate needs to be provided to Thru Support so it can be added to the servers certificate store.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.