iTP Secure WebServer System Administrator's Guide (iTPWebSvr 5.1+)
Introduction to the iTP Secure WebServer
iTP Secure WebServer System Administrator’s Guide—522659-001
iTP Secure WebServer Encryption
The iTP Secure WebServer can use three types of encryption:
• Secure Sockets Layer (SSL) encryption
• Private Communications Technology (PCT) encryption
• WebSafe2 encryption
Secure Sockets Layer (SSL) and Private Communications Technology (PCT) Encryption
Because the iTP Secure WebServer complies with the SSL 3.0 and PCT standards, the
ability to use SSL and PCT encryption is built in. There is no need to acquire any
additional software or hardware to use this type of encryption.
The SSL and PCT protocols enable a web client and server to authenticate one another
and enable both partners to protect exchanged data by using private encryption keys
that are used for a single session, then discarded. A web client or server can be
authenticated only by presenting a certificate obtained from a recognized Certificate
Authority (CA).
You can use SSL or PCT encryption by generating a key pair for the server, obtaining a
certificate from a CA, installing it, and making certain configuration changes. Using the
Keyadmin Utility to Manage Keys and Certificates on page 4-7 explains how to do this.
WebSafe2 Encryption
The iTP Secure WebServer can be configured to provide WebSafe2 encryption. When a
WebSafe2 unit is used, the web client and server observe SSL protocols when
communicating with each other, but the server hands off the most complex decryption
tasks to the WebSafe2 unit.
The WebSafe2 unit provides maximum security for the server’s cryptographic
information because:
• The WebSafe2 unit encrypts the server’s cryptographic key with a key that is stored
only in the WebSafe2 unit itself.
• It is not possible to use a network connection to access the contents of the WebSafe2
unit or control it in any way.
• The WebSafe2 unit is equipped with sensors to detect tampering and dangerous
fluctuations in temperature and voltage.
The iTP Secure WebServer is shipped with the software it needs to use the WebSafe2
unit. You can begin using the WebSafe2 unit by unpaxing this additional software,
making certain configuration changes, generating a key pair for the server, and obtaining
and installing a new certificate from a CA. For more information about this topic, see
Section 5, Integrating the WebSafe2 Internet Security Processor (WISP).