>Can someone help me to find an encryption utility (CGI script or API) to
>encrypt data between the Web server and databases (e.g., SQL, DB2, etc.)?
SSLeay (http://www.psy.uq.oz.au/~ftp/Crypto) has a very easy to
integrate API for implementing the SSL encryption/authentication
protocol.
Ob. firewalls: I've thought of using this to make an SSL-enabled
plug-gw as a quickie way of implementing firewall-to-firewall
encryption on a per-port basis. Looking at the code, it seems as
though it would be fairly straightforward to add an -encrypt option to
a given configuration that the program would use to trigger SSL mode.
(Or maybe it would require an -encrypt-receive and an -encrypt-send, or
some such, so it would know which socket to SSL-ify without adding
in-band negotiation between the endpoints.)
I've also thought of adding an "BEGINSSL" SMTP command to sendmail,
which, if the remote side replied with a non-error result code, would
trigger both sides into using SSL for mail transport -- there ought to
be an RFC for something like this if there isn't already.
-- KH
|
|
