The SSL security protocol is the primary mechanism for enabling data encryption, server authentication, message integrity, and optional client authentication for a TCP/IP connection. To enable SSL, you must have a Web Server Certificate. You can obtain a Web Server Certificate from organizations such as Thawte or Verisign.
If you require SSL, your IS department should configure and test it on the server before you install NXT 4. Consult your Web server's documentation for more information about setting up SSL. For IIS users, see the Microsoft® Knowledge Base article 298805 entitled HOW TO: Enable SSL for All Customers Who Interact with Your Web Site in Internet Information Services.
When SSL is enabled, you can protect your user's identity and credentials when they authenticate to your site. NXT 4 redirects all requests that result in a user authentication challenge to HTTPS. Changing the protocol from HTTP to HTTPS encrypts the authentication request and protects it from someone scanning network traffic looking for access to your site. After the user has successfully authenticated, NXT 4 redirects the user request back to HTTP.
If you want to protect your content, then you must encrypt all communication between your NXT 4 site and your users by requiring SSL for the NXT 4 virtual directory on your Web server. To enable content privacy, you must configure your Web server's virtual directory where NXT 4 is installed to require SSL. For more information about configuring NXT 4 to use SSL, see Configuring ACM or Configuring DefaultACM.
Note: Enabling SSL on the virtual directory (and not just for authentication) can degrade performance. This is an inherent issue with SSL and not a problem with NXT.
Copyright © 2006-2023, Rocket Software, Inc. All rights reserved.