- How to Create a Self Signed Certificate using Java Keytool
- SSL Host Headers in IIS 7
- How to Create a Self Signed Certificate in IIS 7
- How to use SSL Certificates with Exchange 2007
- The Most Common Java Keytool Keystore Commands
SSL VPN Servers
What is an SSL VPN Server?
A VPN (Virtual Private Network) simulates a private network over the public Internet by encrypting communications between the two end-points. An SSL VPN is a type of VPN that are normally accessed with a Web browser rather than special client software. It allows you to create a separate, virtual network on top of a physical network. For example, you can connect your home computer to the network at your office and have the same connectivity and privacy as if your computer were physically at the office.
Common application used with SSL VPN servers include e-mail, file sharing, remote backup, and remote system management. With SSL VPN security you can securely access your files and applications anywhere in the world.
How does an SSL VPN server work?
An SSL VPN server works by creating a virtual channel over the public Internet using symmetric encryption. Both sides of the channel have keys that are used to encrypt and decrypt the traffic. Because symmetric encryption algorithms (AES, Blowfish, etc.) are so fast, they are used to encrypt the majority of the traffic. However, a different method must be used, at first, in order to transfer the keys to the correct parties. This ensures that you are talking with who you think you are talking to. This is where SSL certificates come into play. SSL certificates use Public Key Cryptography using a public and a private key. Any data encrypted with the public key can only be decrypted with the private key, and vice versa. Once identities are verified, a symmetric key is generated and used to encrypt the rest of the data.
How do you set up SSL VPN Security?
To set up an SSL VPN you will need to use a special device or software. If you’re low on cash, we recommend the excellent, free SSL VPN solution OpenVPN. You can also check out one of the following commercial solutions:
How do you get an SSL Certificate for an SSL VPN server?
Most SSL VPN servers and devices include self-signed certificates or the ability to generate them. The problem with self-signed certificates is that most web browsers will give an “SSL certificate not trusted” error when accessing them. To enable error-free SSL VPN security you will want to compare SSL certificates and buy from a certificate authority. We recommend using the SSL Wizard to find the right certificate.
Once you have generated a CSR and received a certificate, you will need to install it to the SSL VPN server or device. Devices are varied so you will need to consult your device or server documentation on how to do this.
SSL VPN Server Links
- How Virtual Private Networks Work
- Moving to SSL VPN
- Secure that line!
- Guide to SSL VPNs (US National Institute of Standards and Technology)