Ssl security with alpha five app server
This presentation is the property of its rightful owner.
Sponsored Links
1 / 18

SSL Security with Alpha Five App Server PowerPoint PPT Presentation


  • 81 Views
  • Uploaded on
  • Presentation posted in: General

SSL Security with Alpha Five App Server. Protecting sensitive or personal data. Types of Web Pages. Unsecure Plain Text http:// Secure – SSL (secure sockets layer) TLS (transport layer security) Encrypted between browser and server https://. Other Types of Secure Web Communications in Alpha.

Download Presentation

SSL Security with Alpha Five App Server

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Ssl security with alpha five app server

SSL Security with Alpha Five App Server

Protecting sensitive or personal data.

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Types of web pages

Types of Web Pages

  • UnsecurePlain Texthttp://

  • Secure – SSL (secure sockets layer)TLS (transport layer security)Encrypted between browser and serverhttps://

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Other types of secure web communications in alpha

Other Types of Secure Web Communications in Alpha

  • Email – digitally signed and encrypted. Must use routines external to Alpha.

  • Encrypt a Zip attachment to email.

  • SSL/TLS Email – from web server to mail server only. Not to recipient’s inbox.

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Ssl decisions

SSL Decisions

  • What Certification Authority

  • What Type of Certificate

  • What Encryption Level

  • What Type of Browsers and Web Servers

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Certification authority

Certification Authority

  • Trusted 3rd Party

  • They do the verification of the SSL application

  • GoDaddyThawteGeoTrustVerisignothers

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Types of certificates

Types of Certificates

  • Self-Signed – free

  • Turbo – ($20 - $149)

  • High Assurance – ($90 - $400)

  • Extended Validation – gets a green address bar in Vista. – ($500 - $1,500)(low rates are for GoDaddy)

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Encryption level

Encryption Level

  • 40-bit

  • 512-bit*

  • 1024-bit* - used by most financial institutions

  • 2048-bit** supported by Alpha Application Server

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Browser and web server

Browser and Web Server

  • Export restriction on 128-bit encryption lifted in 2000.

  • Modern browsers (IE 5.5+) support 128-bit encryption.

  • Modern web servers support 128-bit encryption.

  • Notes on older operating systems and SGC (Server-Gated Cryptography)

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


How to do it

How to do it

  • Create a certificate request from the Alpha Application Server settings screen.

  • Send the request to a Certification Authority and get back a certificate file

  • Install the key (created in #1) and certificate files in the Alpha App Server

  • Insure that port 443 is open in firewall and router

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


How to do it cont

How to do it (cont.)

  • URL links must use https://

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


If a security warning pops up in the browser

If a Security Warning Pops Up in the Browser

  • Insure that the URL specified in the CSR matches exactly

  • Always happens with a Self-Signed certificate

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Using a self signed cert or if info does not match

Using a Self-Signed Cert or if info does not match

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Demo before cert request

Demo – before Cert request

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Demo certificate signing request csr

Demo – Certificate Signing Request (CSR)

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Demo csr result

Demo – CSR Result

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Demo cert installed

Demo – Cert Installed

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Demo live

Demo - live

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Links

Links

  • http://luxsci.com/info/about_ssl.html - See section on SSL in Action

  • Wikipedia – more technical

  • GoDaddy Certs – describes different Cert levels

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


  • Login