Horizon Compact Release 1.01.00 Wireless Ethernet Product User Manual – Volume 2
4.6 Horizon SSL Web Server
The Horizon Web server can be configured for Secure Sockets Layer (SSL). The Web server may be
configured to operate in standard mode or in SSL mode. Horizon's SSL Web server is HTTP 1.0/1.1
compliant, features full support of HTML 2.0, 3.2, 4.0 and supports SSL 3.0.
Secure Sockets Layer, SSL, is the standard security technology for creating an encrypted link between a
Web server and a browser. This link ensures that all data passed between the Web server and browser,
remain private and integral. In order to be able to generate an SSL link, a Web server requires an SSL
Certificate.
In order to invoke SSL on the Horizon Web server, an SSL certificate must be generated on the Horizon
system. Horizon uses an embedded SSL Web server from Allegro Software Development Corporation.
Once generated, the certificate may be held as a private certificate or it may be registered with a Trusted
Certificate Authority such as:
• Allegro Software Development Corporation
• Microsoft Root Authority
• Thawte Server
• GTE Cybertrust Root
• VeriSign RSA Secure Server
SSL access can be enabled on a per-user group basis. SSL access can be invoked for the Super User,
for all NOC accounts, for all Admin accounts, or any combination of the three. Once SSL access has
been enabled for the user group then all members of that user group must use SSL to connect to the
Horizon Web browser. Even if SSL access is not required for the user group, those users may access the
Horizon Web browser through HTTPS (SSL) as a security measure.
4.6.1 What is SSL?
SSL stands for Secure Sockets Layer. The SSL protocol, developed by Netscape, is supported by all
popular Web browsers such as Internet Explorer, Netscape, AOL and Opera. An SSL certificate, issued
by a Certification Authority (CA), must be installed on the Web server in order for SSL to work. SSL can
then be used to encrypt the data transmitted (secure SSL transactions) between a browser and Web
server. Browsers indicate an SSL secured session is active by changing the URL from http to https and
by displaying a small padlock in the bottom toolbar.
SSL works as follows:
1. A browser requests a secure page (usually through the https:// format within the URL).
2. The Web server sends its public key with its certificate.
3. The browser checks that the certificate was issued by a trusted party (usually a trusted root
Certificate Authority), that the certificate is still valid and that the certificate is related to the site
contacted. The browser keeps a list of trusted Certificate Authorities. New CA's may be
added to the browser by the user.
4. The browser then uses the public key, to encrypt a random symmetric encryption key and
sends it to the server with the encrypted URL required as well as other encrypted http data.
5. The Web server decrypts the symmetric encryption key using its private key and uses the
symmetric key to decrypt the URL and http data.
6. The Web server sends back the requested html document and http data encrypted with the
symmetric key.
7. The browser decrypts the http data and html document using the symmetric key and displays
the information.
To Next Page
Loading...