从LAMP到IIS Web API的安全连接
[英]Secure Connection from LAMP to IIS Web API
问题描述
I already have an existing LAMP application. 
我已经有一个现有的LAMP应用程序。 I am going to integrate a 3rd part API which uses C#, so I'm planning to create a Web API for them to be connected. 我将集成一个使用C#的第三部分API,因此我打算为它们建立一个Web API进行连接。 No other website will connect to the web API other than the LAMP app. 除了LAMP应用程序外,没有其他网站可以连接到Web API。 How do I make a secure connection from my LAMP app to the web API? 如何建立从我的LAMP应用程序到Web API的安全连接? Thanks. 谢谢。
1 个解决方案
解决方案1
0
If it is just API calls and nothing dealing with interfaces you can use Encrypted WebSockets or create your Authorization headers... which could be a bit of work and would only work between the those two applications. 如果只是API调用而没有处理接口,则可以使用Encrypted WebSockets或创建Authorization标头...这可能需要一些工作,并且只能在这两个应用程序之间使用。
The most secure way to lock them up is a combination of a secure HTTP request (HTTPS) coupled with a Client Certificate. 锁定它们的最安全方法是将安全HTTP请求(HTTPS)与客户端证书结合在一起。
All of these things are quite a tall order; 所有这些事情都是很高的要求。 you're best bet is to just get/create a half-way decent SSL certificate and use BASIC authentication. 最好的选择是仅获取/创建一个中途的SSL证书并使用BASIC身份验证。 Your authorization headers will be encrypted. 您的授权标头将被加密。 Even a self-signed certificate would work; 即使是自签名证书也可以; make sure to research on how to make a self-signed certificate the most secure it can be. 确保研究如何使自签名证书最安全。 Also your LAMP server will likely make use of cURL to send the requests to the C# server, you'll want to make use of the curl -k option if you're going to be using a self-signed cert. 同样,您的LAMP服务器可能会使用cURL将请求发送到C#服务器,如果要使用自签名证书,则需要使用curl -k选项。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.