Chapter 40 System
UAG4100 User’s Guide
376
HTTPS (HyperText Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a web protocol
that encrypts and decrypts web pages. Secure Socket Layer (SSL) is an application-level protocol
that enables secure transactions of data by ensuring confidentiality (an unauthorized party cannot
read the transferred data), authentication (one party can identify the other party) and data
integrity (you know if data has been changed).
It relies upon certificates, public keys, and private keys (see
for more
information).
HTTPS on the UAG is used so that you can securely access the UAG using the Web Configurator. The
SSL protocol specifies that the HTTPS server (the UAG) must always authenticate itself to the
HTTPS client (the computer which requests the HTTPS connection with the UAG), whereas the
HTTPS client only should authenticate itself when the HTTPS server requires it to do so (select
Authenticate Client Certificates
in the
WWW
screen).
Authenticate Client Certificates
is
optional and if selected means the HTTPS client must send the UAG a certificate. You must apply for
a certificate for the browser from a CA that is a trusted CA on the UAG.
Please refer to the following figure.
1
HTTPS connection requests from an SSL-aware web browser go to port 443 (by default) on the
UAG’s web server.
2
HTTP connection requests from a web browser go to port 80 (by default) on the UAG’s web server.
Figure 251
HTTP/HTTPS Implementation
Note: If you disable
HTTP
in the
WWW
screen, then the UAG blocks all HTTP connection
attempts.
40.7.4 Configuring WWW Service Control
Click
Configuration > System > WWW
to open the
WWW
screen. Use this screen to specify
from which zones you can access the UAG using HTTP or HTTPS. You can also specify which IP
addresses the access can come from.
Note:
Admin Service Control
deals with management access (to the Web Configurator).
User Service Control
deals with user access to the UAG (logging into a web portal
to access the Internet for example).