Step 15. Server Certificates


If your Web application supports HTTPS (SSL) over port 443, you must install a server certificate. This is required as part of the session negotiation process that occurs when a client establishes a secure HTTPS session.

A valid certificate provides secure authentication so that a client can trust the server it is communicating with, and secure communication so that sensitive data remains confidential and tamperproof over the network.

During this step, you validate your server certificate.

Validate Your Server Certificate

Check the following four items to confirm the validity of your Web server certificate:

  • Check that the valid from and valid to dates are in range.

  • Check that the certificate is being used correctly. If it was issued as a server certificate it should not be used for e-mail.

  • Check that the public keys in the certificate chain are all valid up to a trusted root.

  • Check that it has not been revoked. It must not be on a Certificate Revocation List (CRL) from the server that issued the certificate.
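The four checks above can be scripted with the openssl command-line tool. The following is an added example, not taken from the book: the function names, file names and subjects are hypothetical, and the CA, certificates and CRL are constructed throwaway test data. It assumes the CRL has already been obtained from the issuing CA as a local file.

```shell
# Added example, not from the book. Needs the openssl CLI (1.1.1 or later).
# check_server_cert CERT CA_FILE CRL_FILE
# Returns 0 when all four checks pass, otherwise the number of the failed check.
check_server_cert() {
  local cert=$1 ca=$2 crl=$3 out
  # 1. Dates: -checkend 0 fails once the "valid to" date has passed.
  openssl x509 -in "$cert" -noout -checkend 0 >/dev/null 2>&1 || return 1
  # 2. Correct use: must be acceptable as an SSL server certificate.
  openssl x509 -in "$cert" -noout -purpose 2>/dev/null |
    grep -q '^SSL server : Yes' || return 2
  # 3. Chain: signatures must verify up to a root in the trusted CA file.
  out=$(openssl verify -purpose sslserver -CAfile "$ca" "$cert" 2>&1) || {
    case $out in *"not yet valid"*) return 1 ;; *) return 3 ;; esac; }
  # 4. Revocation: verify again, this time consulting the issuer's CRL.
  openssl verify -crl_check -CAfile "$ca" -CRLfile "$crl" "$cert" >/dev/null 2>&1 || return 4
}

# make_demo_pki DIR: constructed throwaway CA, three leaf certificates and a CRL.
make_demo_pki() {
  local d=$1 c=$1/pki.cnf n ext q
  mkdir -p "$d" && : > "$d/index.txt" || return 1
  cat > "$c" <<EOF
[req]
distinguished_name = dn
[dn]
[root]
basicConstraints = critical,CA:TRUE
[web]
extendedKeyUsage = serverAuth
[mail]
extendedKeyUsage = emailProtection
[ca]
default_ca = demo
[demo]
database = $d/index.txt
EOF
  q="-newkey rsa:2048 -nodes -config $c"
  openssl req -x509 $q -extensions root -subj "/CN=Constructed Demo CA" -days 30 \
    -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null || return 1
  for n in web mail revoked; do
    case $n in mail) ext=mail ;; *) ext=web ;; esac
    openssl req $q -subj "/CN=$n.example.test" -keyout "$d/$n.key" -out "$d/$n.csr" 2>/dev/null &&
      openssl x509 -req -in "$d/$n.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" -CAcreateserial \
        -extfile "$c" -extensions "$ext" -days 10 -out "$d/$n.pem" 2>/dev/null || return 1
  done
  q="-config $c -md sha256 -keyfile $d/ca.key -cert $d/ca.pem"
  openssl ca $q -revoke "$d/revoked.pem" 2>/dev/null &&
    openssl ca $q -crldays 7 -gencrl -out "$d/crl.pem" 2>/dev/null
}
```

Against the constructed data, the server certificate passes, the e-mail certificate fails check 2, and the revoked certificate fails check 4.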




Improving Web Application Security. Threats and Countermeasures
ISBN: 0735618429
Year: 2003
Pages: 613
