Server authenticationWhen you define a secure connection, Host On-Demand offers three options on the Security tab: Enable Security, Security Protocol, and Send a Certificate (client authentication).
Click Enable Security to enable server and client authentication.
Security Protocol specifies the method used for client and server authentication.
TLS
Transparent Layer Security (TLS) protocol. The TLS option creates a standard TLS connection between the client and the server. The client contacts the server by sending a communication known as a handshake, which enables the client and server to authenticate to each other and specify the type of encryption that is used during the session. All data exchanged between the client and server during the session is encrypted and cannot be read by a third party. In addition, the protocol includes a message integrity check to ensure the integrity and reliability of transmitted data.
 |
Client sends a request for an SSL session to Server1. The request (and all subsequent traffic) actually goes through Server2. Instead of forwarding Client's request to Server1, Server2 responds directly to the request by sending its own certificate to Client. |
 |
Client receives Server2's certificate and checks its list of trusted CAs. Since Server2's certificate is signed by the same CA as Server1's certificate, Client accepts the certificate and creates a secure session with Server2. |
 |
Having completed the secure session with Client, Server2 requests and creates its own SSL session with Server1. From this point, Client sends encrypted information to Server2. Server2 decrypts the information, re-encrypts it, then sends it to Server1. It does the same for information flowing in the opposite direction. The result is that, although all data is encrypted when it flows over the Internet, Server2 is able to read it, and even change it. |
For this check to be valid and give a positive result, two conditions must be met: