Thursday, May 29, 2008

How to set up an https server

This post deals with adding security to a web server. HTTPS is the secured hypertext transfer protocol: it lets all transactions between client and server be carried over a Secure Sockets Layer (SSL). The flow is:
1. The request from the client or the response from the server is fragmented.
2. The fragmented message is compressed.
3. The compressed message is encrypted and sent as a packet together with a summary (integrity check) of its contents.
4. The packet is transferred by the usual TCP/IP layer.
The SSL layer sits between the client/server application and the TCP layer. This allows sensitive information to be transferred securely over the internet.

Requirements:
An Apache server with the SSL module enabled.
If you don't have a server with SSL enabled, it is better to download a full version of Apache that ships with the SSL module than to hunt for the mod_ssl.so file on its own. Every version has its own module file, which is not compatible with another version's file. Hence I recommend either downloading the full server or downloading the EXACT module file for your version.

CHANGES TO BE DONE:

In httpd.conf:

1. Look for the LoadModule statements in this file:

You will find something like:

LoadModule setenvif_module modules/mod_setenvif.so
#LoadModule speling_module modules/mod_speling.so
#LoadModule ssl_module modules/mod_ssl.so
#LoadModule status_module modules/mod_status.so

Leave the rest alone, but remove the "#" mark from the statement: #LoadModule ssl_module modules/mod_ssl.so

This will load mod_ssl.so when the server starts.

2. In order to configure the module, some extra directives for the ssl module are needed. These are already included in a config file called httpd-ssl.conf. Locate this file; it is usually in the conf/extra folder.

Locate the Include statement in the httpd.conf file:
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf

Ensure that there is no '#' at the start of the second line above. This will include httpd-ssl.conf.

IN httpd-ssl.conf:

1. Locate the DocumentRoot statement in this file and edit it to the location where the files for the https connection are stored.
2. The default listening port for https is 443. You can also change it to any port which is not already used by the server.
3. Server certificate and server key: the locations of the server certificate and the server key are to be specified in the corresponding statements.

HOW TO CREATE A SERVER CERTIFICATE AND SERVER KEY:

This is usually done with OpenSSL.
Open a command prompt, go to ".../Apache/bin"
and type openssl.
The command line will show
OPENSSL>
Now type the following command:

req -new -x509 -nodes -out server.crt -keyout server.key

The prompt will ask for certain information like country name, state, city and organisational details. Once filled in, server.crt will be the certificate for testing on your system and server.key will be the server key.

Locate the .crt and .key files on the system and paste their locations into httpd-ssl.conf where it asks for the server certificate and key locations.

This ends the certificate and key integration part of the server. Once the server is started,
typing https://localhost:443/file_name in the browser will give the secured page as output.
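As an added example (not part of the original post), the following script checks a httpd.conf for the two edits described above (the uncommented LoadModule ssl_module line and the uncommented Include of httpd-ssl.conf) and wraps the same openssl request in a non-interactive form for a test certificate. The sample config files are constructed here; file names and the -subj values are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post: audit httpd.conf for the SSL
# edits the post describes, then optionally create the self-signed test cert.

# Returns 0 when the ssl_module LoadModule line and the httpd-ssl.conf Include
# are both present and not commented out; prints what is missing otherwise.
check_ssl_config() {
    conf="$1"
    ok=0
    if ! grep -Eq '^[[:space:]]*LoadModule[[:space:]]+ssl_module[[:space:]]+modules/mod_ssl\.so' "$conf"; then
        echo "missing: LoadModule ssl_module (still commented out?)"
        ok=1
    fi
    if ! grep -Eq '^[[:space:]]*Include[[:space:]]+conf/extra/httpd-ssl\.conf' "$conf"; then
        echo "missing: Include conf/extra/httpd-ssl.conf"
        ok=1
    fi
    return $ok
}

# Same request as the post's "req -new -x509 -nodes" command, but non-interactive
# (-subj) and with an explicit key size and validity, so it can be scripted.
# The subject fields are placeholders for a local test certificate only.
make_test_cert() {
    openssl req -new -x509 -nodes -days 365 -newkey rsa:2048 \
        -subj "/C=XX/ST=Test/L=Test/O=Example/CN=localhost" \
        -keyout "$1" -out "$2" 2>/dev/null
}

# Constructed sample configs: before and after the edit.
BEFORE=$(mktemp); AFTER=$(mktemp)
trap 'rm -f "$BEFORE" "$AFTER"' EXIT
cat > "$BEFORE" <<'EOF'
LoadModule setenvif_module modules/mod_setenvif.so
#LoadModule ssl_module modules/mod_ssl.so
# Secure (SSL/TLS) connections
#Include conf/extra/httpd-ssl.conf
EOF
cat > "$AFTER" <<'EOF'
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule ssl_module modules/mod_ssl.so
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf
EOF
check_ssl_config "$BEFORE" || echo "BEFORE: SSL not enabled"
check_ssl_config "$AFTER" && echo "AFTER: SSL enabled"
```

Run make_test_cert server.key server.crt from the Apache bin folder to produce the same two files the post creates interactively.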
