IT Center Blog: web security and HTTPS/SSL
IT-Center Logo
IT Center site title

Hello, this is IT Center Blog.

Company news from the first hand: everything that happened in IT Center yesterday, the day before yesterday and last Thursday. All publications are cleaned from white noise and synchronized with RSS feed.

Useful Mailing

IT tips and cases for your business, every 10 days, without water, without spam.



Recent

Tags

Network Security and HTTPS/SSL

25.01.2018
IT Center's SSL certificate.

All important information that leaves Internet, be it the credit card number that you paid in the online store, the transaction to the 1C database or the blog administrator's password must be transferred to the server of the store, the 1C database or the blog in an encrypted form.

Interception of encrypted traffic will not give anything to an attacker except for a meaningless sequence of symbols. For you, it means that you will continue to manage the funds of your credit card, 1C:Accounting will not be compromised, and your blog will be led by you, not someone else.

Encryption

Encryption of data occurs as follows. The source of information (you and your database) and the server-receiver (1C:Accounting) before agreeing on the data, agree on the methods and rules for encrypting the connection. HTTPS is responsible for this, which is configured by the administrator of the receiving server (let it be IT Center). However, this is not enough. It is also necessary to make sure that the receiving server is the one for whom it issues itself.

Authentication

The procedure for authenticating servers on Web is based on the use of personal certificates issued by authentication centers — international organizations that have the authority, roughly speaking, of passport offices. They issue electronic certificates confirming that the IT Center server is an IT Center server, and not something else.

The certificate is paid, and the procedure for issuing such a certificate is reasonably bureaucratic: the authentication center should present information on a legal entity and fulfill a number of technical requirements. After issuance, the certificate is embedded by the administrator on the server.

Attributes of secure Internet connection

So, you are going to pay for the purchase through Internet or work with the database through Internet.

  • Make sure that the information goes through the encrypted channel. The lock in the left corner of the browser and the address bar starting with https are signs that the connection is encrypted.
    Entering login and password in 1C:ENTERPRISE 8.3.
  • Make sure that the server you are sending information to is the one for whom it issues itself. To do this, click in the browser on the lock icon to the left of the address bar and view the information about the certificate.
    Valid IT Center's SSL‑certificate.

If you find that there is no https protocol and certificate, or if the certificate is expired or written to an unknown name, this is  an occasion to reflect on the security of such work. And, of course, the professionalism of the counterparty.

© 2009–2018 IT Center

129347, Moscow,
Prokhodchikov street 16, build 1,
Wesendorf Business Centre

tel.: +7 (495) 120-0-129
e-mail: info@it-cntr.com