How do I set up SSL socket exchange between two servers that communicate via the Internet? This is not for a Web...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
server or Web client, but two applications that need to interact as server/client, but use the Internet for part of their network. What's the best, most secure setup?
There are actually many ways to go about creating an SSL connection between servers, and the best one for your situation will depend upon the type of protocol you're planning to tunnel through it. As you probably know, the Secure Sockets Layer (SSL) allows the use of encryption to protect data sent via a TCP/IP connection. The most commonly used implementation of SSL is the HTTPS protocol: a secure encrypted alternative to HTTP for transferring information over the Web.
The easiest way to create a secure connection between two servers is through the use of the secure shell command (ssh), which uses SSL to create a telnet-style connection between two servers. This technology is built into Linux/Unix deployments, and there are several free implementations available for Windows systems, including OpenSSH and PuTTY.
If you're building a custom application, you should find an SSL library for the programming environment you're using. SSL is extremely common and can be found for virtually any environment. I often use the Crypt::SSLeay Perl module for this purpose, although any standard SSL implementation that you're comfortable using in your environment will work.
Dig Deeper on SSL and TLS VPN Security
Related Q&A from Mike Chapple
Here are some important criteria for hiring a partner to review your information security program, with a focus on HIPAA and HITECH compliance.continue reading
New guidance from the PCI SSC includes some essential aspects of tokenization security and what merchants need to know about tokenization products.continue reading
HIPAA data breach reporting now uses an electronic Web portal, so what does this mean for covered entities? Expert Mike Chapple explains.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.