Security can be enabled for the HTTP listener only when installed certificates are available.
Once you have a certificate, you can associate it with an HTTP listener and thus secure the server.
Encryption is the process of transforming information so it is meaningless to anyone except the intended recipient. Decryption is the process of transforming encrypted information so that it is meaningful again. Web Server includes support for SSL and TLS protocols.
A cipher is a cryptographic algorithm (a mathematical function), used for encryption or decryption. SSL and TLS protocols contain numerous cipher suites. Some ciphers are stronger and more secure than others. Generally speaking, the more bits a cipher uses, the harder it is to decrypt the data.
In any two-way encryption process, both parties must use the same ciphers. Because a number of ciphers are available, you need to enable your server for those most commonly used.
During a secure connection, the client and the server agree to use the strongest cipher they both support. You can choose ciphers from the SSL2, SSL3, and TLS protocols.
Improvements to security and performance were made after SSL version 2.0; you should not use SSL 2 unless you have clients that are not capable of using SSL 3. Client certificates are not guaranteed to work with SSL 2 ciphers.
The encryption process alone isn’t enough to secure your server’s confidential information. A key must be used with the encrypting cipher to produce the actual encrypted result, or to decrypt previously encrypted information. The encryption process uses two keys to achieve this result: a public key and a private key. Information encrypted with a public key can be decrypted only with the associated private key. The public key is published as part of a certificate; only the associated private key is safeguarded.
Web Server supports the Secure Sockets Layer (SSL) and the Transport Layer Security (TLS) protocols for encrypted communication. SSL and TLS are application independent, and higher level protocols can be layered transparently on them.
SSL and TLS protocols support a variety of ciphers used to authenticate the server and client to each other, to transmit certificates, and to establish session keys. Clients and servers may support different cipher suites, or sets of ciphers, depending on factors such as which protocol they support, company policies on encryption strength, and government restrictions on export of encrypted software. Among other functions, the SSL and TLS handshake protocols determine how the server and client negotiate which cipher suites they will use to communicate.
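The following Python sketch is an added example, not part of the Web Server product or its documentation. It uses Python's standard `ssl` module (OpenSSL cipher-string syntax, which is an assumption and not the Web Server's own configuration format) to list the suites a selection enables along with their key sizes, and models the negotiation rule described above. The function names and the sample suite lists are constructed for illustration.

```python
import ssl

def enabled_suites(cipher_string):
    """Return (name, protocol, key_bits) for every suite an OpenSSL cipher string enables."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.set_ciphers(cipher_string)  # raises ssl.SSLError if no suite matches
    return [(c["name"], c["protocol"], c["strength_bits"]) for c in ctx.get_ciphers()]

def weak_suites(suites, min_bits=128):
    """Suites whose symmetric key is shorter than min_bits (0 bits means no encryption)."""
    return [s for s in suites if s[2] < min_bits]

def negotiate(server, client):
    """Model of the rule in the text: the strongest suite that both sides enable.

    Simplified: an actual handshake also depends on the peers' preference order.
    Returns None when there is no common suite, in which case the handshake fails.
    """
    client_names = {name for name, _, _ in client}
    common = [s for s in server if s[0] in client_names]
    return max(common, key=lambda s: s[2]) if common else None

# Constructed sample suite lists (name, protocol, key bits) for illustration only.
SERVER = [
    ("ECDHE-RSA-AES256-GCM-SHA384", "TLSv1.2", 256),
    ("ECDHE-RSA-AES128-GCM-SHA256", "TLSv1.2", 128),
    ("AES128-SHA", "SSLv3", 128),
]
MODERN_CLIENT = SERVER[:2]
LEGACY_CLIENT = [("DES-CBC3-SHA", "SSLv3", 112), ("AES128-SHA", "SSLv3", 128)]
RC4_ONLY_CLIENT = [("RC4-MD5", "SSLv3", 128)]

if __name__ == "__main__":
    # Audit what a restrictive selection enables in the local OpenSSL build.
    for name, proto, bits in enabled_suites("HIGH:!aNULL:!eNULL:!3DES"):
        print(f"{proto:8} {bits:4d} bits  {name}")
    # A server that still enables older suites keeps legacy clients working,
    # but those sessions end up on the weakest shared suite.
    print("modern client  ->", negotiate(SERVER, MODERN_CLIENT))
    print("legacy client  ->", negotiate(SERVER, LEGACY_CLIENT))
    print("RC4-only client->", negotiate(SERVER, RC4_ONLY_CLIENT))
    print("weak in legacy list:", weak_suites(LEGACY_CLIENT))
```

Removing a suite from the server list is the only way to guarantee it is never negotiated; the cost is that clients offering nothing else can no longer connect.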
Click the Configurations > HTTP Listeners > Security tab to edit the HTTP listener security settings. The following table lists the properties that you can configure on this page.
Table 6–1 HTTP Listener Security Properties