I've been asked to look at securing our services a bit tighter.
I've gone through the normal route of securing OWA/OMA/RPC over HTTPS by using SSL certs, and also implemented SSL certs for publicly accessible websites.
But here is the quandary..
We have a web service (no html fe) which in essence uses HTTP GET and POST commands to collect data from 3rd parties via some form of Java applet apologies here my IIS knowledge is sparse as i specialise in Exchange solutions normally but i have some free time.. anyway i digress
My question is this, Is it possible to use SSL 128-but encryption between what is essentially a program and an IIS application pool.?? and if so would i need a valid cert.? (im thinking yes to the cert, but the rest is foreign to me)
Can anyone offer any thoughts please.?
I've gone through the normal route of securing OWA/OMA/RPC over HTTPS by using SSL certs, and also implemented SSL certs for publicly accessible websites.
But here is the quandary..
We have a web service (no html fe) which in essence uses HTTP GET and POST commands to collect data from 3rd parties via some form of Java applet apologies here my IIS knowledge is sparse as i specialise in Exchange solutions normally but i have some free time.. anyway i digress
My question is this, Is it possible to use SSL 128-but encryption between what is essentially a program and an IIS application pool.?? and if so would i need a valid cert.? (im thinking yes to the cert, but the rest is foreign to me)
Can anyone offer any thoughts please.?