iTP Secure WebServer System Administrator's Guide (Version 7.0)
iTP Secure WebServer System Administrator’s Guide—523346-012
5-1
5
Integrating the WebSafe2 Internet
Security Processor (WISP)
Follow the instructions in this section if you need to prepare the iTP Secure WebServer
to use Atalla WebSafe 2 Internet Security Processors (WISPs).
Topics discussed in this section include:
•
The Secure Configuration Terminal (SCT) on page 5-3
•
The WebSafe2 Interface Driver (WID) on page 5-3
•
How the iTP Secure WebServer Uses WebSafe2 Internet Security Processors
(WISPs) on page 5-4
•
How to Integrate WebSafe2 Internet Security Processors (WISPs) on page 5-5
•
How to Use Server Certificate Chains With WebSafe2 Encryption on page 5-17
•
Configuration and Version Requirements for SSL 3.0 Hardware Encryption on
page 5-18
•
Configuring for Additional WebSafe2 Internet Security Processors (WISPs) on
page 5-21
•
Switching From WebSafe2 to Software Encryption on page 5-22
•
Switching From Software to WebSafe2 (Hardware) Encryption on page 5-22
•
Where to Go From Here on page 5-22
WISPs are cryptographic devices that can be used to perform public/private key
encryption/decryption for the iTP Secure WebServer. They are installed on an Ethernet
network and use TCP/IP protocols to communicate with the iTP Secure WebServer;
Serial Line Internet Protocol (SLIP) and Point-to-Point Protocol (PPP) are not
supported. For security, the WISP should be installed on a private subnet. Figure 5-1
on page 5-2 shows WISPs in an iTP Secure WebServer environment.
Note. WISP is compatible only with systems running on G-series RVUs.
Notes. You cannot simultaneously use Secure Sockets Layer (SSL) 3.0 and Private
Communication Technology (PCT).
To use SSL 3.0 with a WISP, you must run WISP firmware version 2.6.11 or later and WID
software SPR AAC or later. To find out what firmware version you are running, use the
WebSafe2 1101 utility command as described in the WebSafe2 Internet Security Processor
Installation and Operations Manual. The version string should be 2611.
To use 1024 bit key-length certificates, you must run Atalla WISP firmware version 2.761.