background preloader

Apache

Facebook Twitter

SSL

What are the types of SSL Certificates? Over the last few years the number of organizations using SSL Certificates has increased dramatically.

What are the types of SSL Certificates?

The applications for which SSL is being used have also expanded. For example: Some organizations need SSL simply for confidentiality, e.g. encryption Some organizations wish to use SSL to enhance trust in their security and identity, e.g. they want to show customers they have been vetted and are a legitimate organization As the applications for SSL have started to become wider, three types of SSL Certificates have emerged: Extended Validation (EV) SSL Certificates: where the Certificate Authority (CA) checks the right of the applicant to use a specific domain name PLUS it conducts a THOROUGH vetting of the organization.

EV SSL Certificates are available for all types of businesses, including government entities and both incorporated and unincorporated businesses. Domain Validation (DV) SSL Certificates: where the CA checks the right of the applicant to use a specific domain name. Tomcat 6.0 (6.0.35) - SSL Configuration HOW-TO. Configurer apache2 pour faire du https - PatDef.fr. Quels sont les étapes à suivre pour fournir un site protégé par un encryptage ssl ? Arrêt de apache Avant de commencer toute manipulation sur les fichiers de configuration apache, commençont par arrêter le serveur : # /etc/init.d/apache stop Activer le module ssl Dans un premier temps, il faut activer ssl. . # a2enmod ssl Créer un hôte virtuel pour le site en https Il faut maintenant créer un hôte virtuel pour le site devant être mise en ligne en utilisant ssl.

Ajoutons un fichier mondomaine.https dans /etc/apache2/sites-available contenant en plus des lignes habituelles les lignes suivantes : NameVirtualHost *:443 <VirtualHost *:443> ... ... # add ssl protocol SSLEngine On SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire SSLCertificateFile /etc/ssl/certs/mondomaine.crt SSLCertificateKeyFile /etc/ssl/private/mondomaine.key </VirtualHost> Attention : La ligne NameVirtualHost *:443 ne doit apparaître qu’une seule fois dans l’ensemble des fichiers contenus dans le répertoire sites-available.

Example of two-way authentication with https. Server Authentication Authentication of the server is accomplished by downloading the public key from the AIDAP server and inserting it into a local keystore.

Example of two-way authentication with https

The keystore is then referenced within the client application via a java property. The symptom that indicates server authentication is not succeeding in the handshake is a message like the following: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target A handy utility called InstallCert from sun.com takes care of acquiring the server's public key and inserting it into a keystore.

There is a link to this java class at: The source code itself is located at: Download the source code, then compile it using: javac InstallCert. Eclipse Help.