wodWebServer internally supports secure communication
(SSL). The principle of such communication is that both
client and server have their own private and public keys.
They export their public keys to each other, and any data
sent from one side to the other is encrypted using those
keys. Since ONLY the other side is able to decrypt the data
(with its private key), such transmission is pretty secure:
someone who is logging the information sent from one side
to the other is unable to decrypt it by himself (at least
not in any reasonable amount of time).

To activate this engine in wodWebServer, it is sufficient
to set the Secure property to any of the supported security
algorithms, specified in the SecureProtocols enum, prior to
opening a new connection. Secure connections are usually
slower, for a few reasons. First, upon initial connection a
few handshaking packets are sent from both sides, and
negotiation takes place. After both sides successfully
accept each other, each packet is encrypted before it is
transmitted to the other side. Such packets are larger than
the initial ones.

Even though setting this property should be sufficient to
make your application 'SSL-able', do not forget that you
need to choose a certificate for your own server and
provide it through the Certificate property. If you plan to
make wodWebServer publicly accessible on the internet, you
should get a certificate signed by a known CA (Certificate
Authority), such as www.verisign.com. If you plan to use it
in a closed environment, you can use our wodCertificate
component to create a 'self-signed' certificate for
yourself.

Although TLS1 is the de facto standard today, you will
notice that some Microsoft clients don't support it
properly. For example, if you open Internet Explorer and go
to the 'Advanced' options, you will see that TLS is not
even enabled. For this reason, we also suggest you use the
ProtSSL23 constant as the 'default' SSL value.