Configuring The Access Gateway For Ssl; Using Ssl On The Access Gateway Communication Channels; Section 2.1, "Using Ssl On The Access Gateway Communication Channels - Novell ACCESS MANAGER 3.1 SP1 - GATEWAY GUIDE Manual

Configuring the Access Gateway
2
for SSL
SSL provides the following security features:
Authentication and nonrepudiation of the server through the use of digital signatures
Data confidentiality through the use of encryption
Data integrity through the use of authentication codes
Mutual SSL provides the same things as SSL, with the addition of authentication and
nonrepudiation of the client, by using digital signatures.
To ensure the validity of X.509 certificates, Access Manager supports both Certificate Revocation
Lists (CRLs) and Online Certificate Status Protocol (OCSP) methods of verification.
This section describes how the Access Gateway can use SSL in its interactions with other Access
Manager components, how you can enable SSL between an Access Gateway and these components,
and how you can use other options to increase security:
Section 2.1, "Using SSL on the Access Gateway Communication Channels," on page 63
Section 2.2, "Prerequisites for SSL," on page 65
Section 2.3, "Configuring SSL Communication with the Browsers and the Identity Server," on
page 66
Section 2.4, "Configuring SSL between the Proxy Service and the Web Servers," on page 68
Section 2.5, "Enabling Secure Cookies," on page 71
Section 2.6, "Managing Access Gateway Certificates," on page 73
2.1 Using SSL on the Access Gateway
Communication Channels
You can configure the Access Gateway to use SSL in its connections to the Identity Server, to the
browsers, and to its Web servers. Figure 2-1 illustrates these communication channels.
Configuring the Access Gateway for SSL
2
63