Chapter 23 Remote Management Configuration

23.2 Introduction to HTTPS

HTTPS (HyperText Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a web protocol that encrypts and decrypts web pages. Secure Socket Layer (SSL) is an application- level protocol that enables secure transactions of data by ensuring confidentiality (an unauthorized party cannot read the transferred data), authentication (one party can identify the other party) and data integrity (you know if data has been changed).

It relies upon certificates, public keys, and private keys (see Chapter 19 on page 301 for more information).

HTTPS on the ZyXEL Device is used so that you may securely access the ZyXEL Device using the web configurator. The SSL protocol specifies that the SSL server (the ZyXEL Device) must always authenticate itself to the SSL client (the computer which requests the HTTPS connection with the ZyXEL Device), whereas the SSL client only should authenticate itself when the SSL server requires it to do so (select Authenticate Client Certificates in the REMOTE MGMT, HTTP screen). Authenticate Client Certificates is optional and if selected means the SSL-client must send the ZyXEL Device a certificate. You must apply for a certificate for the browser from a CA that is a trusted CA on the ZyXEL Device.

Please refer to the following figure.

1HTTPS connection requests from an SSL-aware web browser go to port 443 (by default) on the ZyXEL Device’s WS (web server).

2HTTP connection requests from a web browser go to port 80 (by default) on the ZyXEL Device’s WS (web server).

Figure 194 HTTPS Implementation

"If you disable HTTP Server Access (Disable) in the REMOTE MGMT HTTP screen, then the ZyXEL Device blocks all HTTP connection attempts.

 

345

P-2602HWLNI User’s Guide