Ssl security with alpha five app server
Download
1 / 18

SSL Security with Alpha Five App Server - PowerPoint PPT Presentation


  • 117 Views
  • Uploaded on

SSL Security with Alpha Five App Server. Protecting sensitive or personal data. Types of Web Pages. Unsecure Plain Text http:// Secure – SSL (secure sockets layer) TLS (transport layer security) Encrypted between browser and server https://. Other Types of Secure Web Communications in Alpha.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about ' SSL Security with Alpha Five App Server' - grant-henry


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Ssl security with alpha five app server

SSL Security with Alpha Five App Server

Protecting sensitive or personal data.

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Types of web pages
Types of Web Pages

  • UnsecurePlain Texthttp://

  • Secure – SSL (secure sockets layer)TLS (transport layer security)Encrypted between browser and serverhttps://

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Other types of secure web communications in alpha
Other Types of Secure Web Communications in Alpha

  • Email – digitally signed and encrypted. Must use routines external to Alpha.

  • Encrypt a Zip attachment to email.

  • SSL/TLS Email – from web server to mail server only. Not to recipient’s inbox.

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Ssl decisions
SSL Decisions

  • What Certification Authority

  • What Type of Certificate

  • What Encryption Level

  • What Type of Browsers and Web Servers

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Certification authority
Certification Authority

  • Trusted 3rd Party

  • They do the verification of the SSL application

  • GoDaddyThawteGeoTrustVerisignothers

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Types of certificates
Types of Certificates

  • Self-Signed – free

  • Turbo – ($20 - $149)

  • High Assurance – ($90 - $400)

  • Extended Validation – gets a green address bar in Vista. – ($500 - $1,500)(low rates are for GoDaddy)

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Encryption level
Encryption Level

  • 40-bit

  • 512-bit*

  • 1024-bit* - used by most financial institutions

  • 2048-bit** supported by Alpha Application Server

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Browser and web server
Browser and Web Server

  • Export restriction on 128-bit encryption lifted in 2000.

  • Modern browsers (IE 5.5+) support 128-bit encryption.

  • Modern web servers support 128-bit encryption.

  • Notes on older operating systems and SGC (Server-Gated Cryptography)

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


How to do it
How to do it

  • Create a certificate request from the Alpha Application Server settings screen.

  • Send the request to a Certification Authority and get back a certificate file

  • Install the key (created in #1) and certificate files in the Alpha App Server

  • Insure that port 443 is open in firewall and router

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


How to do it cont
How to do it (cont.)

  • URL links must use https://

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


If a security warning pops up in the browser
If a Security Warning Pops Up in the Browser

  • Insure that the URL specified in the CSR matches exactly

  • Always happens with a Self-Signed certificate

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Using a self signed cert or if info does not match
Using a Self-Signed Cert or if info does not match

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Demo before cert request
Demo – before Cert request

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Demo certificate signing request csr
Demo – Certificate Signing Request (CSR)

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Demo csr result
Demo – CSR Result

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Demo cert installed
Demo – Cert Installed

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Demo live
Demo - live

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007


Links
Links

  • http://luxsci.com/info/about_ssl.html - See section on SSL in Action

  • Wikipedia – more technical

  • GoDaddy Certs – describes different Cert levels

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007