Manualshelf

Communicator e3000 MPE/iX Release 7.0 PowerPatch 5 (Software Release C.70.05) (30216-90370)

ManualsBrandsHP ManualsSoftwareMPE/iX 7.5 Operating System
21222324252627282930
Technical Articles
WebWise Replaces Apache in FOS
Chapter 3
27
WebWise Replaces Apache in FOS
By Mark Bixby, Commercial Systems Division
The HP WebWise MPE/iX Secure Web Server version A.01.00 was first introduced as a separately
purchasable add-on product for MPE/iX 6.5 or greater. But as of MPE/iX 7.5, the WebWise web server has
been updated to version A.03.00 and replaces Apache in FOS as a no-extra-cost bundled product. Patch
WBWGDT7A brings this same functionality to MPE/iX 7.0.
This is the second release of the HP WebWise MPE/iX Secure Web Server. It was labeled version A.03.00
because it is replacing the A.02.00 version of Apache. There was no A.02.00 version of WebWise.
HP WebWise MPE/iX Secure Web Server version A.03.00 is based on Apache 1.3.22 and adds mod_ssl 2.8.5 to
provide Secure Sockets Layer (SSL) encryption and X.509 authentication using digital certificates.
Product Overview and Feature Set
HP WebWise MPE/iX Secure Web Server offers secure encrypted communications between browser and
server via the SSL and TLS protocols, as well as strong authentication of both the server and the browsers via
X.509 digital certificates. The current release of the HP WebWise MPE/iX Secure Web Server is A.03.00 and is
composed of:
Apache 1.3.22
Mod_ssl 2.8.5 SSL security add-ons for Apache
MM 1.1.3 shared memory library
Openssl 0.9.6b cryptographic/SSL library
RSA BSAFE Crypto-C 5.2 cryptographic library (for the RC2, RC4, RC5, and RSA algorithms)
HP WebWise MPE/iX Secure Web Server is NOT:
a substitute for a firewall (explicitly allow acceptable connections, etc.)
a substitute for good host security practices (change default passwords, keep the OS up-to-date, etc.)
a substitute for good application security practices (use appropriate file and user security, carefully
validate all input data, etc.)
a substitute for good human security practices (communicate the importance of protecting sensitive or
proprietary data, no password sharing, etc.)
WebWise is just one component in a secure environment and by itself does nothing to prevent the number one
cause of web server break-in events -- poorly written CGI applications. Well-written CGI applications must
rigorously validate every byte of data sent by a browser, and must refuse to process any input data containing
unexpected characters.
SSLv2.0, SSLv3.0, and TLSv1.0 Protocols
These protocols lie between the HTTP and TCP/IP protocol layers and provide secure, authenticated,
encrypted communications between the HP WebWise MPE/iX Secure Web Server and web browser clients.
X.509 Digital Certificates
Signed by external trusted Certificate Authorities, X.509 certificates provide authentication for both the HP
WebWise MPE/iX Secure Web Server and web browser clients.