How do I set up SSL socket exchange between two servers that communicate via the Internet? This is not for a Web...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
server or Web client, but two applications that need to interact as server/client, but use the Internet for part of their network. What's the best, most secure setup?
There are actually many ways to go about creating an SSL connection between servers, and the best one for your situation will depend upon the type of protocol you're planning to tunnel through it. As you probably know, the Secure Sockets Layer (SSL) allows the use of encryption to protect data sent via a TCP/IP connection. The most commonly used implementation of SSL is the HTTPS protocol: a secure encrypted alternative to HTTP for transferring information over the Web.
The easiest way to create a secure connection between two servers is through the use of the secure shell command (ssh), which uses SSL to create a telnet-style connection between two servers. This technology is built into Linux/Unix deployments, and there are several free implementations available for Windows systems, including OpenSSH and PuTTY.
If you're building a custom application, you should find an SSL library for the programming environment you're using. SSL is extremely common and can be found for virtually any environment. I often use the Crypt::SSLeay Perl module for this purpose, although any standard SSL implementation that you're comfortable using in your environment will work.
Dig Deeper on SSL and TLS VPN Security
Related Q&A from Mike Chapple
Encrypting data going to the cloud is a security best practice, but does it add extra challenges for regulators that might need to access the data? ...continue reading
Merchants that sell at off-site venues need to take extra care to follow PCI compliance standards. Expert Mike Chapple discusses how organizations ...continue reading
The FTC's order for PCI DSS compliance assessments is odd since PCI isn't a government regulation. Expert Mike Chapple explains the motivation ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.