Enforcing encrypted Web transactions using SSL

The Secure Sockets Layer (SSL) is a security protocol that protects data by encrypting it as it passes between servers and Web clients. SSL provides communications privacy and authentication for Domino® server tasks that operate over TCP/IP. You can require users to access a database using a secure SSL connection to a single database or to all databases on a server. A common use for this type of added security occurs in an e-commerce application in which Web users enter confidential information such as credit card numbers.

If you do not require an SSL connection, clients can use either SSL or TCP/IP to connect to the server.

The server administrator enables the SSL port in either the Internet Site document or the Server document of the Domino® Directory. Then, to protect transactions in individual databases -- for example, in databases used for commercial transactions -- the database designer assigns the database property "Web Access: Require SSL Connection."

Note that the server administrator actually has three options in allowing access over the SSL port:

• With anonymous access over the SSL port -- Web users can connect to the server using the SSL port, however, the server allows anonymous users.
• With name and password access -- Web users connect to the server over the SSL port, and authenticate using name and password.
• With access through client certificates -- Web users have been issued an X.509 client certificate and connect to the server over the SSL port. They are authenticated using this client certificate.