Ssl security with alpha five app server
Sponsored Links
This presentation is the property of its rightful owner.
1 / 18

SSL Security with Alpha Five App Server PowerPoint PPT Presentation


  • 95 Views
  • Uploaded on
  • Presentation posted in: General

SSL Security with Alpha Five App Server. Protecting sensitive or personal data. Types of Web Pages. Unsecure Plain Text http:// Secure – SSL (secure sockets layer) TLS (transport layer security) Encrypted between browser and server https://. Other Types of Secure Web Communications in Alpha.

Download Presentation

SSL Security with Alpha Five App Server

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


SSL Security with Alpha Five App Server

Protecting sensitive or personal data.

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Types of Web Pages

  • UnsecurePlain Texthttp://

  • Secure – SSL (secure sockets layer)TLS (transport layer security)Encrypted between browser and serverhttps://

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Other Types of Secure Web Communications in Alpha

  • Email – digitally signed and encrypted. Must use routines external to Alpha.

  • Encrypt a Zip attachment to email.

  • SSL/TLS Email – from web server to mail server only. Not to recipient’s inbox.

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


SSL Decisions

  • What Certification Authority

  • What Type of Certificate

  • What Encryption Level

  • What Type of Browsers and Web Servers

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Certification Authority

  • Trusted 3rd Party

  • They do the verification of the SSL application

  • GoDaddyThawteGeoTrustVerisignothers

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Types of Certificates

  • Self-Signed – free

  • Turbo – ($20 - $149)

  • High Assurance – ($90 - $400)

  • Extended Validation – gets a green address bar in Vista. – ($500 - $1,500)(low rates are for GoDaddy)

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Encryption Level

  • 40-bit

  • 512-bit*

  • 1024-bit* - used by most financial institutions

  • 2048-bit** supported by Alpha Application Server

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Browser and Web Server

  • Export restriction on 128-bit encryption lifted in 2000.

  • Modern browsers (IE 5.5+) support 128-bit encryption.

  • Modern web servers support 128-bit encryption.

  • Notes on older operating systems and SGC (Server-Gated Cryptography)

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


How to do it

  • Create a certificate request from the Alpha Application Server settings screen.

  • Send the request to a Certification Authority and get back a certificate file

  • Install the key (created in #1) and certificate files in the Alpha App Server

  • Insure that port 443 is open in firewall and router

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


How to do it (cont.)

  • URL links must use https://

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


If a Security Warning Pops Up in the Browser

  • Insure that the URL specified in the CSR matches exactly

  • Always happens with a Self-Signed certificate

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Using a Self-Signed Cert or if info does not match

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Demo – before Cert request

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Demo – Certificate Signing Request (CSR)

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Demo – CSR Result

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Demo – Cert Installed

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Demo - live

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Links

  • http://luxsci.com/info/about_ssl.html - See section on SSL in Action

  • Wikipedia – more technical

  • GoDaddy Certs – describes different Cert levels

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


  • Login