What are the requirements to implement the HTTPS protocol? I know that I need an HTTPS server that contains a certificate. Please guide me to implement HTTPS.
Asked
Active
Viewed 4,153 times
1
-
Are you trying to stand up a HTTPS server, or are you trying to actually write one? – Joe Jun 03 '10 at 15:17
-
im trying to stand up a https server – simplyblue Jun 03 '10 at 15:20
-
Did you try Googling "HTTPS HowTo [Name of the Server Software you're using]". If not, start there, and ask more specific questions here. – Chris S Jun 25 '11 at 14:12
2 Answers
3
Depends on the web server. Typically, you need:
- Port 443 (or whatever port you're using) open on the virtual site (for Apache that's the Listen directive in the VirtualHost section of your config file, in IIS you have to add a host header)
- A valid security certificate
- A credible issuing authority if you're using this for a public website and don't want a security warning from the browser (something like Verisign, Thawte, RapidSSL, etc.)
- A unique IP address (or rather, the IP/port combination you're using has to end up serving the website)
- The firewall port open for 443 (or whatever port you're using)
lewiguez
- 131
0
You can configure a HTTP Server like Apache to provide HTTPS by installing mod_ssl and configuring it with a certificate, etc. in /etc/httpd/conf.d/ssl.conf (Red Hat / CentOS).
Or you can use a software reverse proxy / SSL Offloader like nginx to provide SSL termination to your HTTP Server. In this case the certificate resides on the proxy and does the SSL negotiation, etc. and proxy_pass[es] the traffic to the HTTP Server.
Or you can use a hardware reverse proxy / SSL Offloader like F5's BIG-IP which is just a dedicated device that does local traffic management in addition to SSL termination. Same as nginx, certificate resides on the device and passes the traffic to the HTTP Server.
Cheers
HTTP500
- 4,843