How to setup a https server

This post deals with the security adding aspect of a webserver. A https protocol is a secured hyper text transfer protocol which allows all the transactions of a server-client to be done a Secured Socket Layer(SSL). The flow will be :
1. The request from the client or the response from the server is fragmented.
2. The fragmented message will be compressed
3. The compressed message will be encrypted and sent with a summary as a packet.
4. The transfer of the packet is done by usual TCP/IP layer.
An SSL layer stands between the client/Server and the TCP Layer. This allows for the sensitive information to be transferred securely over the internet.

Requirements:
APACHE server with SSL module Enabled.
If U dont have a server with SSL enabled, its better to download a full version of APACHE with SSL module enabled rather than to hunt for the mod_ssl.so file. Every version has its own module file which will not be compatible with the other version's file. Hence i recommend to either download the full server or to download the EXACT module file for the system.

CHANGES TO BE DONE:

In httpd.conf:

1. Look for the LoadModule Statements in this file:

U will find something like:

LoadModule setenvif_module modules/mod_setenvif.so
#LoadModule speling_module modules/mod_speling.so
#LoadModule ssl_module modules/mod_ssl.so
#LoadModule status_module modules/mod_status.so

Forget the rest but remove the "#" mark from the statement : #LoadModule ssl_module modules/mod_ssl.so

This will enable the mod_ssl.so when the server is starting.

2.Inorder to configure the module, there need to be some extensions and commands for the ssl module. These are already included in a config file called httpd-ssl.conf. Locate this file. It will be usually in conf/extra folder.

Locate the include statements in the httpd.conf  file.
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf

Ensure that there is no '#' is not present at the start of the second line above. This will include the httpd-ssl.conf.

IN httpd-ssl.conf:

1.Locate the Document root  statement in this folder. And edit the document root to the location where the files for the https connection are stored.
2. The default listening port for https type is 443. U can also change the same to any port which is not used by the server.
3. Server certificates and server keys: the location of the server certificate and the server key are to be specified in this statement.

HOW TO CREATE A SERVER CERTIFICATE AND SERVER KEY:

This can be done usually using an OPENSSL.
Open command prompt and go to ".../Apache/bin"
and type OPENSSL
The command line will show
OPENSSL>
Now type the following command:

req -new -x509 -nodes -out server.crt -keyout server.key

The command prompt will ask certain information like country name, state, city and organisational details. Once filled, the server.crt will be the certificate for testing in ur system. and server.key will be the server key in the system

Locate the .crt and .key files in the system and paste the same location in the httpd-ssl.conf where it shows server certificate location.

This will end the certificate and key integration part of the server. once the server is started..
Type   https://localhost:443/file_name  will give the secured page as output.

Blogged with the Flock Browser

Using Mobile phone as GSM modem

This post is dedicated to using the mobile phone as a GSM modem.

SMS Gateway is a server that serves as an interface between ur PC and mobile network. Combined with a GSM modem, one can actually send SMS to any valid mobile phone. The architecture and the design of SMS flow through a PC is shown in the picture.

CASE :
I have used Nokia E61 mobile phone with a GSM SIM card for sending out SMS to valid mobile numbers.
It involves the following requirements for the System:
1. An interface software for the mobile phone to act as a GSM Modem
In this case its Nokia PC tools. Once connected to the system through USB cable, the system recognises it and sets it to Modem configuration provided the system has Nokia PC Suite.There will be a popup window on the phone asking which mode to be selected.
Choose PC suite.

2. An SMS gateway server to interact with the GSM modem.
I have installed ActivXperts SMS gateway free version for testing purposes. Once installed u can actually setup E-mail as well as an SMS gateway through the same server. Go to SMS Messaging Channel Wizard which appears in the Program Files>ActivXperts Software. Choose Create a Channel mode for SMS and Next.
The gateway automatically detects the GSM modems included/connected to the PC. Click on the modem which has the mobile phone name. If the mobile needs a pin to activate that code, then the code is also entered in the same menu.
It will then ask for the GSM number that is present on the phone. Give the number. The next form will ask a sample number to give a test message through the phone. The test message is sent and a confirmation is acknowledged at the PC.
This opens the SMS Server manager. It has log file of all the outgoing and incoming messages through this system, the status of the outgoing messages, failed messages, reasons of failed messages and also all the outgoing messages numbers.
To send an SMS, go to the New message option on the server. This will open up a form to be filled which has channel to be specified as SMS channel which was created earlier with the Mobile phone name.
once the message is created, one can actually schedule it to a particular time to be delivered. the message will be delivered immediately if there is no time specified.

Drawbacks:
Some mobile phones donot give access to the modem once connected to the PC. These will be dedicated to the mobile phone services only.(One such case was with Motorola Razor V8). This makes the device detectable it will not be available for the services of the Gateway server.
Best solution is to install a GSM modem totally dedicated to the Gateway server.
Virtually u are sending SMS through the same phone using the Same GSM SIM card and will be charged on the phone. This problem can be solved by installing GSM modem with a SIM card that has offers for free SMS