Securing Web Servers and XML Data with SSL


Table of Contents

1. Introduction
Certification Authorities and Trusted Roots
What Type of Certificate Should I Choose?
Securing Data in a Non-Public Commercial Environment
Wildcard Certificates - Securing Multiple Domains with one Certificate
Securing Public Facing eCommerce Sites
SSL via Self-Signed Certificates
2. Become your own Certificate Authority (CA)
Prerequisites
First Steps
Creating a Certificate Authority
Certificate Caveats
Next Steps
Verify the Certificate
Revoke a Server Certificate
Distribute Your Certificates and CRL
3. Securing Your Apache Server with SSL
Getting Started with SSL on Apache
Create a Local Key Pair
Generating a Certificate Signing Request
Receiving and Installing Your SSL Certificate
4. Securing Your IIS Server with SSL
Certificate Authoring Signing Request
Send the Certificate Request to the CA
Receiving and Installing Your SSL Certificate
Convert the Signed Certificate
Install the New Certificate Under IIS
5. Securing Apache Tomcat Server
Resources
Servlet Container
Standalone
Setting Up Your CA
Setting Up Your Webserver
Setting Up a SSL Client
6. Test the Certificate
A. Securing Your XML Transactions using Symmetric Passphrases and OpenSSL
Prerequisites for Securing XML Data
Generate a limited-use-only symmetric passphrase
Sign then encrypt the symmetric passphrase for your Partner
Use the symmetric passphrase to encrypt data
Send the Signed and Encrypted key to your partner
Your partner decrypts and recovers the symmetric passphrase
Use the symmetric passphrase to decrypt data