堆栈内存溢出
  简体   繁体   English

Web应用程序之间的通信,有1个SSL证书,其他没有

[英]Communication between web applications, 1 SSL certificate, other has none

 原文  2009-04-07 12:15:04       c#/ asp.net/ xml/ ssl

问题描述

This the situation: I have one webservice without SSL, which provides two pages for the other web application. 这种情况:我有一个没有SSL的Web服务,它为另一个Web应用程序提供了两个页面。 When the user submits these pages, an XML file with private information is sent to the webservice. 当用户提交这些页面时,带有私有信息的XML文件将发送到Web服务。

How can I provide the necessary privacy protection on the XML file? 如何在XML文件上提供必要的隐私保护? Is the one certificate good enough to give the appropriate security? 一个证书足够好以提供适当的安全性吗?

I'm not sure about this one, and am in the preparation phase of a project... So need to know the involved work on this part... 我对此不确定,目前处于项目的准备阶段...因此需要了解这一部分的相关工作...

3 个解决方案

解决方案1
 0  2009-04-07 12:38:26

Certificates are tied to the hostname of the server (or, with wildcard certificates, all the hosts in a domain). 证书绑定到服务器的主机名(或通配符证书,绑定到域中的所有主机)。 So if the two services are on the same host, then both can use the same certificate. 因此,如果两个服务都在同一主机上,那么两者都可以使用相同的证书。

If they are not on the same host there will be no transport security on the non-SSL service unless this is added separately. 如果它们不在同一主机上,则除非单独添加,否则非SSL服务将没有传输安全性。 WCF has support for message (or part of message) encryption. WCF支持消息(或消息的一部分)加密。

解决方案2
 0 已采纳  2009-04-07 12:39:07

As an alternative to SSL you could encrypt the file yourself using any of the algorithms available in using System.Security.Cryptography but then you have to work out a mechanism to exchange your key(s). 作为SSL的替代方法,您可以使用System.Security.Cryptography中可用的任何算法自己对文件进行加密,但随后必须制定一种机制来交换密钥。

However by far the easiest way will be to have both web services using SSL endpoints. 但是,到目前为止,最简单的方法是使两个Web服务都使用SSL端点。 That will take care of all your confidentiality, integrity and identity considerations in one fell swoop. 这将一举解决您所有的机密性,完整性和身份考虑因素。

解决方案3
 0  2009-04-10 07:39:01

The simplest solution is certainly to use TLS, ex-SSL (widely supported in every programming language). 最简单的解决方案当然是使用TLS(ex-SSL)(每种编程语言都广泛支持)。

There is no need to buy a certificate (and it brings no extra security, it is mostly there to make PHBs feel better): either create self-signed certificates or set up your own CA. 无需购买证书(它不会带来额外的安全性,大多数情况下都是为了使PHB感觉更好):创建自签名证书或设置自己的CA。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Web应用程序之间的通信 - Communication between web applications Java和C#应用程序之间的SSL通信 - SSL communication between Java and C# applications 2个应用程序之间的进程间通信 - Interprocess communication between a 2 applications 应用程序之间的通信(进程间)? - Communication (Interprocess) between applications? 两个应用程序之间的异步通信 - Asynchronous Communication Between Two Applications 2 个 Windows 窗体应用程序之间的通信 - Communication between 2 Windows Forms applications 2个应用程序之间的安全密码通信 - Secure password communication between 2 applications 两个不同应用程序之间的通信 - Communication between two different applications https证书ssl有问题 - https certificate ssl has an issue vb.net应用程序之间的通信 - Communication between vb.net applications
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM