iTP Secure WebServer System Administrator's Guide (iTPWebSvr 6.0+)

Introduction to the iTP Secure WebServer
iTP Secure WebServer System Administrator’s Guide 523346-002
iTP Secure WebServer Encryption
The iTP Secure WebServer can use three types of encryption:
• Secure Sockets Layer (SSL) encryption
• Private Communications Technology (PCT) encryption
• WebSafe2 encryption
Secure Sockets Layer (SSL) and Private Communications Technology (PCT) Encryption
Because the iTP Secure WebServer complies with the SSL 3.0 and PCT standards,
the ability to use SSL and PCT encryption is built in. There is no need to acquire any
additional software or hardware to use this type of encryption.
The SSL and PCT protocols enable a web client and server to authenticate one
another and enable both partners to protect exchanged data by using private
encryption keys that are used for a single session, then discarded. A web client or
server can be authenticated only by presenting a certificate obtained from a recognized
Certificate Authority (CA).
You can use SSL or PCT encryption by generating a key pair for the server, obtaining a
certificate from a CA, installing it, and making certain configuration changes. Using the
Keyadmin Utility to Manage Keys and Certificates on page 4-7 explains how to do this.
WebSafe2 Encryption
The iTP Secure WebServer can be configured to provide WebSafe2 encryption. When
a WebSafe2 unit is used, the web client and server observe SSL protocols when
communicating with each other, but the server hands off the most complex decryption
tasks to the WebSafe2 unit.
The WebSafe2 unit provides maximum security for the server’s cryptographic
information because:
• The WebSafe2 unit encrypts the server’s cryptographic key with a key that is
  stored only in the WebSafe2 unit itself.
• It is not possible to use a network connection to access the contents of the
  WebSafe2 unit or control it in any way.
• The WebSafe2 unit is equipped with sensors to detect tampering and dangerous
  fluctuations in temperature and voltage.
The iTP Secure WebServer is shipped with the software it needs to use the WebSafe2
unit. You can begin using the WebSafe2 unit by unpaxing this additional software,
making certain configuration changes, generating a key pair for the server, and
obtaining and installing a new certificate from a CA. For more information about this
topic, see Section 5, Integrating the WebSafe2 Internet Security Processor (WISP).