
FTPS (commonly referred to as FTP/SSL) is a name used to encompass a number of ways in which FTP software can perform secure file transfers. Each way involves the use of an SSL/TLS layer below the standard FTP protocol to encrypt the control and/or data channels. It should not be confused with either the SSH File Transfer Protocol (SFTP) or FTP over SSH (which has no acronym).
The most common uses of FTP and SSL are:
Much like HTTPS, but unlike SFTP, FTPS servers must provide a public key certificate. These certificates can be created using Unix tools such as OpenSSL's ssl-ca.
This certificate must be signed by a certificate authority that the client trusts, or the FTPS client will generate a warning stating that the certificate is not valid.
Data can be encrypted in the command channel, the data channel, or most often both. If the command channel is not encrypted, the protocol is said to be using a clear command channel (CCC). If the data channel is not encrypted, the protocol is said to be using a clear data channel (CDC).
Because FTP is a port-hopping protocol (i.e., data channels use a random port chosen during the communication), many firewalls have the ability to understand the FTP protocol and allow the secondary data connections. However, if the control connection is encrypted using TLS/SSL (or any other method, for that matter), the firewall is not able to get the port numbers of the data connections from the control connection, since it is encrypted and the firewall cannot decrypt it. Therefore, in many firewalled networks, clear FTP connections will work while FTPS connections will either completely fail or require the use of passive mode.
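The firewall behaviour described above comes down to one thing: an FTP-aware firewall reads the server's passive-mode replies off the control channel to learn which data port to permit. The added example below (written for this page, not part of the original article or any firewall product) parses the two replies such a helper looks for, a 227 PASV reply (RFC 959, port = p1 * 256 + p2) and a 229 EPSV reply (RFC 2428), and then runs a simulated helper over two constructed control-channel transcripts: one in the clear, and one encrypted. The encryption is a stand-in (XOR with a SHA-256 keystream, labelled as such in the code), not real TLS; it is there only so the helper sees opaque bytes the way it would see TLS records after AUTH TLS. The host names, addresses and port numbers are constructed sample values.

```python
import hashlib
import re
from typing import List, Optional, Tuple

# Replies an FTP-aware firewall (application layer gateway) must parse.
# PASV (RFC 959):  "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)"
# EPSV (RFC 2428): "229 Entering Extended Passive Mode (|||port|)"
PASV_RE = re.compile(r"227 [^(]*\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")
EPSV_RE = re.compile(r"229 [^(]*\(\|\|\|(\d+)\|\)")


def parse_pasv_response(line: str) -> Optional[Tuple[str, int]]:
    """Return (host, port) from a 227 reply, or None if the line is not a
    well-formed one. The port travels as two decimal bytes: p1 * 256 + p2."""
    m = PASV_RE.search(line)
    if not m:
        return None
    fields = [int(x) for x in m.groups()]
    if not all(0 <= v <= 255 for v in fields):
        return None  # out-of-range octet: a real helper would drop the reply
    h1, h2, h3, h4, p1, p2 = fields
    return f"{h1}.{h2}.{h3}.{h4}", p1 * 256 + p2


def parse_epsv_response(line: str) -> Optional[int]:
    """Return the port from a 229 reply, or None if the line is not one."""
    m = EPSV_RE.search(line)
    if not m:
        return None
    port = int(m.group(1))
    return port if 0 < port <= 65535 else None


def firewall_helper(control_channel: bytes) -> List[int]:
    """Simulated FTP helper: scan the control channel for passive-mode replies
    and collect the data ports it would have to open. Returns an empty list
    when the channel is unreadable, which is exactly the FTPS case."""
    ports: List[int] = []
    for raw in control_channel.split(b"\r\n"):
        # Encrypted records are not ASCII; decode leniently so they yield
        # nothing parseable instead of raising.
        line = raw.decode("ascii", errors="replace")
        pasv = parse_pasv_response(line)
        if pasv is not None:
            ports.append(pasv[1])
            continue
        epsv = parse_epsv_response(line)
        if epsv is not None:
            ports.append(epsv)
    return ports


# Constructed plaintext FTP session as seen on the wire (server and client lines).
CLEAR_CONTROL_CHANNEL = (
    b"220 ftp.example.test FTP server ready\r\n"
    b"USER anonymous\r\n"
    b"331 Please specify the password.\r\n"
    b"PASS guest@\r\n"
    b"230 Login successful.\r\n"
    b"PASV\r\n"
    b"227 Entering Passive Mode (192,168,1,10,19,136)\r\n"
    b"LIST\r\n"
    b"150 Here comes the directory listing.\r\n"
    b"226 Directory send OK.\r\n"
    b"EPSV\r\n"
    b"229 Entering Extended Passive Mode (|||5001|)\r\n"
)


def simulated_ciphertext(plaintext: bytes) -> bytes:
    """Stand-in for TLS protection of the control channel: XOR with a SHA-256
    keystream. This is NOT real TLS and offers no security; it only makes the
    bytes as opaque to the helper as TLS records would be."""
    keystream = b""
    counter = 0
    while len(keystream) < len(plaintext):
        keystream += hashlib.sha256(b"demo-key" + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(plaintext, keystream))


# The same session after AUTH TLS, as the firewall would see it.
TLS_CONTROL_CHANNEL = simulated_ciphertext(CLEAR_CONTROL_CHANNEL)


def demo() -> dict:
    """Ports the helper can recover from each transcript."""
    return {
        "clear_ftp": firewall_helper(CLEAR_CONTROL_CHANNEL),
        "ftps": firewall_helper(TLS_CONTROL_CHANNEL),
    }


if __name__ == "__main__":
    print(demo())  # clear FTP yields [5000, 5001]; FTPS yields []
```

The helper recovers port 5000 (19 * 256 + 136) and port 5001 from the clear session and nothing from the encrypted one, which is why an FTPS data connection is dropped by a firewall that only permits data ports it has seen negotiated. The usual defensive answer is to stop relying on the helper: configure the FTPS server with a fixed passive port range and open that range explicitly in the firewall, or, where the deployment accepts an unencrypted control channel after authentication, use the CCC command the article mentions so the helper can read the passive replies again.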