Presentation is loading. Please wait.

Presentation is loading. Please wait.

Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 SSL Security with Alpha Five App Server Protecting sensitive or personal data.

Published byVincent Day Modified over 8 years ago

Similar presentations

Presentation on theme: "Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 SSL Security with Alpha Five App Server Protecting sensitive or personal data."— Presentation transcript:

1 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 SSL Security with Alpha Five App Server Protecting sensitive or personal data.

2 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 Types of Web Pages Unsecure Plain Text http:// Secure – SSL (secure sockets layer) TLS (transport layer security) Encrypted between browser and server https://

3 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 Other Types of Secure Web Communications in Alpha Email – digitally signed and encrypted. Must use routines external to Alpha. Encrypt a Zip attachment to email. SSL/TLS Email – from web server to mail server only. Not to recipient’s inbox.

4 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 SSL Decisions What Certification Authority What Type of Certificate What Encryption Level What Type of Browsers and Web Servers

5 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 Certification Authority Trusted 3 rd Party They do the verification of the SSL application GoDaddy Thawte GeoTrust Verisign others

6 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 Types of Certificates Self-Signed – free Turbo – ($20 - $149) High Assurance – ($90 - $400) Extended Validation – gets a green address bar in Vista. – ($500 - $1,500) (low rates are for GoDaddy)

7 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 Encryption Level 40-bit 512-bit* 1024-bit* - used by most financial institutions 2048-bit* * supported by Alpha Application Server

8 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 Browser and Web Server Export restriction on 128-bit encryption lifted in 2000. Modern browsers (IE 5.5+) support 128-bit encryption. Modern web servers support 128-bit encryption. Notes on older operating systems and SGC (Server-Gated Cryptography)

9 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 How to do it 1) Create a certificate request from the Alpha Application Server settings screen. 2) Send the request to a Certification Authority and get back a certificate file 3) Install the key (created in #1) and certificate files in the Alpha App Server 4) Insure that port 443 is open in firewall and router

10 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 How to do it (cont.) 5) URL links must use https://

11 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 If a Security Warning Pops Up in the Browser Insure that the URL specified in the CSR matches exactly Always happens with a Self-Signed certificate

12 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 Using a Self-Signed Cert or if info does not match

13 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 Demo – before Cert request

14 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 Demo – Certificate Signing Request (CSR)

15 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 Demo – CSR Result

16 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 Demo – Cert Installed

17 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 Demo - live

18 Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 Links http://luxsci.com/info/about_ssl.html - See section on SSL in Action http://luxsci.com/info/about_ssl.html Wikipedia – more technical Wikipedia GoDaddy Certs – describes different Cert levels GoDaddy Certs

Download ppt "Alpha Five User Group, Bill Parker, SSL Security and WAS, July 2007 SSL Security with Alpha Five App Server Protecting sensitive or personal data."

Similar presentations

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.

SECURE SITES. A SECURE CONNECTION TERMS Secure Sockets Layer (SSL) An older Internet protocol that allows for data transmission between server and client.
Cryptography and Network Security

Cryptography and Network Security
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.

By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.
By: Mr Hashem Alaidaros MIS 326 Lecture 6 Title: E-Business Security.

By: Mr Hashem Alaidaros MIS 326 Lecture 6 Title: E-Business Security.
SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.

SSL & SharePoint IT:Network:Applications. Agenda Secure Socket Layer Encryption 101 SharePoint Customization SharePoint Integration.
Web Security CS-431. HTTP Authentication Protect web content from those who don’t have a “need to know” Require users to authenticate using a userid/password.

Web Security CS-431. HTTP Authentication Protect web content from those who don’t have a “need to know” Require users to authenticate using a userid/password.
Secure Sockets Layer. SSL SSL is a communications protocol layer which can be placed between TCP/IP and HTTP It intercepts web traffic and provides security.

Secure Sockets Layer. SSL SSL is a communications protocol layer which can be placed between TCP/IP and HTTP It intercepts web traffic and provides security.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Product and Technology News Georg Bommer, Inter-Networking AG (Switzerland)

Product and Technology News Georg Bommer, Inter-Networking AG (Switzerland)
Apache Web Server Quick and Dirty Steve Gibbard for SANOG 16 (Originally by Joel Jaeggli for AfNOG 2007) ‏

Apache Web Server Quick and Dirty Steve Gibbard for SANOG 16 (Originally by Joel Jaeggli for AfNOG 2007) ‏
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.

Chapter Extension 23 SSL/TLS and //https © 2008 Pearson Prentice Hall, Experiencing MIS, David Kroenke.
SSL By: Anthony Harris & Adam Shkoler. What is SSL? SSL stands for Secure Sockets Layer SSL is a cryptographic protocol which provides secure communications.

SSL By: Anthony Harris & Adam Shkoler. What is SSL? SSL stands for Secure Sockets Layer SSL is a cryptographic protocol which provides secure communications.
Topic 11: Key Distribution and Agreement 1 Information Security CS 526 Topic 11: Key Distribution & Agreement, Secure Communication.

Topic 11: Key Distribution and Agreement 1 Information Security CS 526 Topic 11: Key Distribution & Agreement, Secure Communication.
SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004

SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004
TLS/SSL Review. Transport Layer Security A 30-second history Secure Sockets Layer was developed by Netscape in 1994 as a protocol which permitted persistent.

TLS/SSL Review. Transport Layer Security A 30-second history Secure Sockets Layer was developed by Netscape in 1994 as a protocol which permitted persistent.
APACHE SERVER By Innovationframes.com »

APACHE SERVER By Innovationframes.com »

Similar presentations

Ads by Google