Encrypted/Secure Communications: HTTPS Protocol Support

HyperText Transfer Protocol (HTTP) allows easy interchange of information between systems on multiple platforms. The HTTP was designed with the idea of free sharing of information so as to avoid barriers in communication. In context to security, HyperText Transfer Protocol Securer (HTTPS) was invented that allowed both sides of a web dialog to be encrypted in a cipher, negotiated between the browser and the server. HTTPS uses the secure session layer (SSL) software, which can use an assortment of different public-key algorithms. To use and install HTTPS, each server must connect with the SSL library. MOD_SSL installs automatically as part of the CSWS installation. However, OpenSSL needs to be installed to use HTTPS with Ohio State University DECthreads HTTP Server (OSU). The SSL configuration for OSU is minimal, and is covered in the instructions for building in SSL support. It is noted that OSU doesn't need SSL cache configuration directives as it doesn't share the information among multiple processes but just multiple threads with the same environment are made available.