How to verify a self-signed certificate on the client?
I installed FTPS server on Linux server, and generated SSL certificate on FTPS server (vsftpd tool). I signed the visa by myself when I signed it. (Of course, how to generate a self-signed certificate can be seen in the article I mentioned earlier. Suppose that the certificate we generate now is server.cer, and then generate the client's trust base on the server.cer certificate. If it is a self-signed certificate, the corresponding trustStore must be generated at the client, because of man-in-the-middle attack, that is, when the server returns the certificate, the third party intercepts it in the middle and then generates a fake certificate and sends it to the client. In this way, the client will use the public key in this fake certificate to encrypt the generated key and send it to the server, so that anything sent by the client may be obtained by a third party. Therefore, we need to establish a trust base and use it to verify the legitimacy of the server certificate.