iTP Secure WebServer System Administrator's Guide (iTPWebSvr 5.1+)
Integrating the WebSafe2 Internet Security
Processor (WISP)
iTP Secure WebServer System Administrator’s Guide—522659-001
5-17
Configuration and Version Requirements for SSL 3.0
Hardware Encryption
Configuration and Version Requirements for
SSL 3.0 Hardware Encryption
Observe the following requirements if you plan to use the SSL 3.0 hardware encryption
feature. You do not need to observe these requirements if you will be using SSL 2.0
services only or if you will be using SSL 3.0 software encryption only.
Obtaining a New Certificate
If you will be using SSL 3.0 features with your WISP, you need to obtain a new
certificate using the keyadmin utility. Atalla designed the new SSL commands with a
different key type than those used by other protocols. This design feature prevents
unauthorized retrieval of sensitive data in their clear text form by anyone using other
Atalla WebSafe commands.
Your new certificate can be used for both SSL 2.0 and SSL 3.0 sessions.
For information about generating and installing the new certificate, see Generating the
Public/Private Key Pair and Obtaining the Certificate on page 5-9.
Using Earlier Version Keys and Certificates
Observe the following guidelines if you intend to use keys and certificates generated or
configured with earlier versions of the iTP Secure WebServer or the WISP’s firmware.
iTP Secure
WebServer
Version
WebSafe2
Internet
Security
Processor
(WISP)
Firmware
Version SSL Support Recommended Action
Earlier than 3.2 Any SSL 2.0 only Upgrade as needed for SSL
3.0 support for enhanced
security
3.2 2611 or later SSL 2.0 and SSL 3.0 New certificate required
3.3 or later Earlier than 2611 SSL 2.0 only Upgrade as needed for SSL
3.0 support for enhanced
security
2611 or later SSL 2.0 and SSL 3.0 New certificate required