iTP Secure WebServer System Administrators Guide (Version 7.5+)
For example, to enable secure access to the file secret-recipes.html, you might include the
following directive in the server configuration file (httpd.config):
Region /cookbook/secret-recipes.html {
RequireSecureTransport
}
The reference to this file in the HTML document accessing your secret recipes might then look like
this:
Here are the <a href="https://cookbooks.org/cookbook/secret-recipes.html">secret recipes</a>!
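An added example (not from the guide): a Python check that reads Region blocks from a configuration file and flags HTML links that reach a RequireSecureTransport region over plain http://. It assumes flat "Region path { ... }" blocks as shown above, treats the region path as a glob pattern, and does not compare host names; the sample configuration and HTML are constructed.

```python
import re
from fnmatch import fnmatchcase
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample input for this example (not taken from a real server).
SAMPLE_CONFIG = """
Region /cookbook/secret-recipes.html {
    RequireSecureTransport
}
Region /cookbook/index.html {
}
"""
SAMPLE_HTML = """
<a href="https://cookbooks.org/cookbook/secret-recipes.html">secret recipes</a>
<a href="http://cookbooks.org/cookbook/secret-recipes.html">stale link</a>
<a href="/cookbook/index.html">index</a>
"""

# Assumption: flat "Region <path> { ... }" blocks, closing brace on its own line.
REGION_RE = re.compile(r"^\s*Region\s+(\S+)\s*\{(.*?)^\s*\}", re.S | re.M)

def secure_regions(config_text):
    """Return Region paths whose body has RequireSecureTransport on its own line."""
    return [path for path, body in REGION_RE.findall(config_text)
            if re.search(r"^\s*RequireSecureTransport\b", body, re.M)]

class _LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def insecure_links(html_text, config_text):
    """Return hrefs that point at a secure-only region but use plain http://."""
    regions = secure_regions(config_text)
    collector = _LinkCollector()
    collector.feed(html_text)
    bad = []
    for href in collector.hrefs:
        url = urlsplit(href)
        # Relative links inherit the scheme of the referring page, so only
        # absolute http:// links are flagged. The host name is not compared.
        if url.scheme == "http" and any(fnmatchcase(url.path, r) for r in regions):
            bad.append(href)
    return bad
```
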
To enable TLS or SSL connections and specify the certificate to be used for them, specify the
AcceptSecureTransport directive in the server configuration file (httpd.config).
The AcceptSecureTransport directive sets the default certificate for all regions on the server,
as in the following example:
AcceptSecureTransport -cert {CN=Juliet,O=Capulet's House of Keys}
Comparing TLS and SSL
This section compares the design and relative advantages of TLS and SSL.
Design Goals
SSL was designed to provide a secure channel of communication between a Web client and a
server. The entire data stream between the Web client and the server is encrypted; clients and
servers do not negotiate about the application of particular security enhancements to individual
documents. In most cases, clients can verify that servers have a certificate issued by a trusted CA.
However, servers cannot authenticate clients.
The advantage of TLS over SSL is that it is independent of the application protocol. Higher-level
protocols can be transparently layered on top of the TLS protocol. The TLS standard does not specify
how protocols add security when layered on top of TLS. TLS allows you to decide how to initiate
TLS handshaking and how to interpret the authentication certificates exchanged, and to design and
implement your protocols accordingly.
Relative Advantages
Both SSL and TLS provide private communication capability. They allow user names and passwords
to be carried in encrypted messages for authentication.
When selecting a protocol for your server, in addition to the relative advantages, you also must
consider which protocol your clients will be using. The best solution is for your server to service
both protocols.