Installation manual

after making sure that the server's certificate can be trusted, checks
whether the Internet name in the certificate matches the Internet name of
the server. If they match, the SSL negotiation will continue. If not, the
connection ends immediately. See server authentication in the Host
On-Demand online help for more information.
Client authentication
Client authentication is similar to server authentication except that the
Telnet server requests a certificate from the client to verify that the client is
who it claims to be. Not all servers support client authentication; the Host
On-Demand Redirector, for example, does not. To configure client authentication, you
must: obtain certificates for clients; send the certificates to the clients; and
configure the clients to use client authentication. See configuring clients to
use client authentication in the Host On-Demand online help for more
information.
Express logon
You can provide users with an easy host logon process by allowing a user
to log on without having to enter a user ID and password. Using this
function reduces the time spent by an administrator maintaining host user
IDs and passwords. To use Express Logon, the session must be configured
for SSL and client authentication. See Express logon in the Host
On-Demand online help for more information.
To use server or client authentication, you must first enable SSL.
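The server-name check described under server authentication above, as an added example (not Host On-Demand code): it assumes the certificate chain has already been validated and compares the server's name with the names in the certificate. Handling of subjectAltName entries and wildcards goes beyond what this page states, and the certificates and host names are constructed.

```python
# Added example: not Host On-Demand code. Certificates are constructed and use
# the dict shape that Python's ssl.SSLSocket.getpeercert() returns.

def name_matches(pattern: str, host: str) -> bool:
    """Case-insensitive comparison of one certificate name with the host name.
    '*' is honoured only as the whole leftmost label, covering one label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h) or "" in h:
        return False
    if p[0] == "*":
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def cert_names(cert: dict) -> list:
    """DNS names from subjectAltName; the subject commonName is used only
    when the certificate has no DNS subjectAltName entry (legacy fallback)."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for k, v in rdn
            if k == "commonName"]


def check_server_name(cert: dict, host: str) -> bool:
    """Continue on a match; end the connection otherwise, as the text describes."""
    if any(name_matches(n, host) for n in cert_names(cert)):
        return True
    raise ConnectionAbortedError(f"certificate is not valid for {host!r}")


# Constructed sample certificates (hypothetical names under example.com).
SAN_CERT = {
    "subject": ((("commonName", "old-name.example.com"),),),
    "subjectAltName": (("DNS", "telnet.example.com"), ("DNS", "*.hod.example.com")),
}
CN_ONLY_CERT = {"subject": ((("commonName", "host.example.com"),),)}

if __name__ == "__main__":
    for cert, host in [(SAN_CERT, "telnet.example.com"),
                       (SAN_CERT, "old-name.example.com"),
                       (CN_ONLY_CERT, "HOST.example.com")]:
        try:
            print(host, "->", check_server_name(cert, host))
        except ConnectionAbortedError as exc:
            print(host, "-> connection ended:", exc)
```

The second sample host is rejected because a certificate that carries DNS subjectAltName entries is matched on those entries only, not on its commonName.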
How SSL security works
SSL uses public-key and symmetric-key cryptographic technology. Public-key
cryptography uses a pair of keys: a public key and a private key. Information
encrypted with one key can be decrypted only with the other key. For example,
information encrypted with the public key can be decrypted only with the private
key. Each server's public key is published, and the private key is kept secret. To
send a secure message to the server, the client encrypts the message by using the
server's public key. When the server receives the message, it decrypts the message
with its private key.
Symmetric-key cryptography uses the same key to encrypt and decrypt messages.
The client randomly generates a symmetric key to be used for encrypting all
session data. The key is then encrypted with the server's public key and sent to the
server.
SSL provides three basic security services:
Message privacy
Achieved through a combination of public-key and symmetric-key
encryption. All traffic between an SSL client and an SSL server is encrypted
using a key and an encryption algorithm negotiated during session setup.
Message integrity
Ensures that SSL session traffic does not change en route to its final
destination. SSL uses a combination of public/private keys and hash
functions to ensure message integrity.
48 Getting Started: Host On-Demand Version 6.0: Getting Started