SSL terminology

System Administrator Guide for VSP 5000 Series

Version
90-09-2x
Part Number
MK-98RD9009-16

Note the following SSL terms:

  • Secure Sockets Layer: SSL is a protocol first developed by Netscape to securely transmit data over the Internet. Two SSL-enabled peers use their private and public keys to establish a secure communication session, with each peer encrypting transmitted data with a randomly generated and agreed-upon symmetric key.
  • Keypair: A keypair is two mathematically related cryptographic keys consisting of a private key and its associated public key.
  • Server Certificate: A Server Certificate (also called a Digital Certificate) forms an association between an identity (in this case the SVP server) and a specific keypair. A Server Certificate is used to identify the SVP server to a client so that the server and client can communicate using SSL. Server Certificates come in two basic types:
    • Self-signed: You generate your own self-signed certificate, and the subject of the certificate is the same as the issuer of the certificate. If the Device Manager - Storage Navigator computers and the SVP are on an internal LAN behind a firewall, you may find that this option provides sufficient security.
    • Signed and Trusted: For a Signed and Trusted Server Certificate, a Certificate Signing Request (CSR) is sent to and certified by a trusted Certificate Authority (CA) such as VeriSign (http://www.verisign.com/). Use of this certificate results in higher reliability in exchange for more cost and requirements.

If you enable SSL, you must make sure that the key pair and associated server certificate do not expire. If either the key pair or the server certificate expires, users will be unable to connect to the SVP.
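
An added example (not from the Hitachi guide) of a check for the expiry requirement above, using the `openssl` command line: it reports whether a PEM certificate is self-signed in the sense defined in the list (subject equals issuer) and whether it expires within a warning window. The host name `svp.example.test`, the function names, and the 30-day default window are assumptions; the sample certificate is generated locally for the demonstration.

```shell
#!/bin/sh
# Added example: certificate expiry and self-signed checks (names are hypothetical).

# Succeeds when subject and issuer are identical, i.e. the certificate is self-signed.
cert_is_self_signed() {
    subject=$(openssl x509 -in "$1" -noout -subject -nameopt RFC2253 | sed 's/^subject= *//')
    issuer=$(openssl x509 -in "$1" -noout -issuer -nameopt RFC2253 | sed 's/^issuer= *//')
    [ -n "$subject" ] && [ "$subject" = "$issuer" ]
}

# Succeeds when the certificate in $1 expires within $2 days.
# -checkend exits non-zero if the certificate expires in the window; an
# unreadable file also exits non-zero, so the check fails towards a warning.
cert_expires_within() {
    ! openssl x509 -in "$1" -noout -checkend "$(( $2 * 86400 ))" >/dev/null 2>&1
}

# Prints a one-line status; returns 1 when renewal is due.
check_cert() {  # $1 = PEM file, $2 = warning window in days
    if cert_is_self_signed "$1"; then kind="self-signed"; else kind="issuer-signed"; fi
    end=$(openssl x509 -in "$1" -noout -enddate | sed 's/^notAfter=//')
    if cert_expires_within "$1" "$2"; then
        echo "WARN: $kind certificate expires within $2 days ($end)"
        return 1
    fi
    echo "OK: $kind certificate valid until $end"
}

# Saves the certificate a server presents (needs network access; host and
# port are whatever your SVP uses, they are not taken from the guide).
fetch_server_cert() {  # $1 = host, $2 = port, $3 = output PEM file
    openssl s_client -connect "$1:$2" -servername "$1" </dev/null 2>/dev/null |
        openssl x509 -outform PEM >"$3"
}

# Constructed sample input: a throwaway self-signed certificate valid $2 days.
make_sample_cert() {  # $1 = output directory, $2 = validity in days
    openssl req -x509 -newkey rsa:2048 -nodes -days "$2" \
        -subj "/CN=svp.example.test" \
        -keyout "$1/key.pem" -out "$1/cert.pem" >/dev/null 2>&1
}

# Usage: ./check_cert.sh cert.pem [warning_days]
if [ $# -ge 1 ]; then
    check_cert "$1" "${2:-30}"
fi
```

Run from a scheduled job, the non-zero return of `check_cert` can drive an alert before users lose access to the SVP.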