Manualshelf

iTP Secure WebServer System Administrator's Guide (Version 7.0)

ManualsBrandsHP ManualsServerHP NonStop G-Series
41424344454647484950
Introduction to the iTP Secure WebServer
iTP Secure WebServer System Administrator’s Guide523346-012
1-3
Features and Standards Supported by iTP Secure
WebServer
while the other Pathmon serves the requests with older webserver objects. This
process is repeated to upgrade the other PATHMON.
Features and Standards Supported by iTP
Secure WebServer
Standards compliance
The iTP Secure WebServer complies fully with:
°
Common Gateway Interface (CGI/1.1)
°
Java Servlets 2.5 and JavaServer Pages 2.1 APIs
°
Hypertext Transfer Protocol (HTTP/1.0 and required features of HTTP/1.1)
°
The Secure Hypertext Transfer Protocol (Secure HTTP)
°
Secure Sockets Layer (SSL 2.0 and SSL 3.0)
°
Support for the SSL 3.0 Secure Transport Protocol includes support for
user-specified combinations of encryption and integrity checking. Webmasters
can specify the security algorithms (ciphers) that they want the iTP Secure
WebServer to use.
°
Microsoft Private Communications Technology (PCT version 1) protocol
The set of protocols that can be supported by a single instance of the iTP Secure
WebServer now consists of HTTP, SSL, and PCT.
Caching of session keys, encompassing all the secure transport protocols,
including PCT, SSL 2.0, and SSL 3.0.
Global session key caching provides increased overall SSL performance by
allowing a cache of SSL session keys to be shared amongst all instances of the
httpd serverclass, thereby maximizing the cache hits and minimizing the processor
and network resources required for establishing SSL connections to the NonStop
platform.
X509 version 3.0 certificates
Client authentication in SSL 3.0 and PCT
SSL request handling has been enhanced and PCT request handling has been
added to support client authentication. The server can request or require a Web
client to authenticate itself and can restrict access based on client-authentication
information by using region commands or CGI variables.
Digest access authentication
Note. The online-upgrade feature is available on systems running J06.06 and later J-
series RVUs and H06.17 and later H-series RVUs.