Table of Contents
Advertisement
6 - 54 CA50/UCA Client & Server Developer & User Guide
UCA Server Security
The UCA server supports the following security related features:
•
SSL Encryption
•
Directory level password protection of sensitive Web services
•
Encryption of server configuration files
•
Encryption of passwords stored in the UCA database.
SSL (Secure Socket Layer)
Secure Sockets Layer is a protocol developed by Netscape for transmitting private documents via the Internet. SSL
uses a cryptographic system that uses two keys to encrypt data: a public key known to everyone and a private, or
secret key, known only to the recipient of the message. Both Netscape and Internet Explorer support SSL and
many Web sites use the protocol to obtain confidential user information, such as credit card numbers. By
convention, URLs that require an SSL connection start with https: instead of http:.
To enable SSL on the UCA server an SSL Certificate is required. The certificate can be purchase by trusted
companies, such as VeriSign and others. For test purposes, Microsoft provides a utility called SelfSSL that can be
used to generate SSL certificates for testing purposes only. The SelfSSL utility is part of the IIS Resource Kit
available on the Microsoft Web site.
For the purpose of this discussion assume the use of SelfSSL to generate the certificate. Refer to the SelfSLL
documentation for operational details.
Use SelffSSL to Generate the SSL Cert and Apply it to the Default Web site (UCA)
Generate a certificate with a common name of the IP address or domain name of the UCA server. The IP address
or domain name is important and is used in later steps.
Advertisement
Table of Contents
Troubleshooting
