Touchvue Secure Connection

4 Posts
3 Users
0 Likes
37 Views
(@l.baillieul@arcinfo.com)
Posts: 0
New Member Guest
 

Hello all

A client wants to know if there is a way to set up a secure connection on Touchvue ? If yes, what is the good configuration to do it so ?

Thanks in advance!

BR

 
Posted : 07/01/2015 4:44 pm
(@admin_doc72)
Posts: 493
Member Admin
 

Hi Loick.

Please refer to the online help of PcVue 11.0 or 11.1:
Application Explorer > Communication > Servers > Using HTTPS to Secure the Connection Between the Supervisor and its Web Components.

In addition to that there is also KB618 > Configuration in Windows. It explains how to generate a self-signed certificate. Although the KB article is about WebVue, it is the same for TouchVue. You need to sign the IIS with a certificate and enable SSL for communication over HTTPS.

Instead of using a self-signed certificate of course we recommend using a certificate that is issued by a trusted certificate authority.

 
Posted : 07/01/2015 5:30 pm
n.kunzer
(@n-kunzerarcinfo-com)
Posts: 1236
Member Moderator
 

Hmmmm it depends what do you mean by "secure".
Https is secured only for apprentice hackers actually.

Extract from http://www.spiegel.de/international/germany/inside-the-nsa-s-war-on-internet-security-a-1010361.html
....
Anything But Secure

Even more vulnerable than VPN systems are the supposedly secure connections ordinary Internet users must rely on all the time for Web applications like financial services, e-commerce or accessing webmail accounts. A lay user can recognize these allegedly secure connections by looking at the address bar in his or her Web browser: With these connections, the first letters of the address there are not just http -- for Hypertext Transfer Protocol -- but https. The "s" stands for "secure". The problem is that there isn't really anything secure about them.
The NSA and its allies routinely intercept such connections -- by the millions. According to an NSA document, the agency intended to crack 10 million intercepted https connections a day by late 2012. The intelligence services are particularly interested in the moment when a user types his or her password. By the end of 2012, the system was supposed to be able to "detect the presence of at least 100 password based encryption applications" in each instance some 20,000 times a month.
....

Not arguing here, just facts...

Nico

 
Posted : 08/01/2015 8:14 am
(@admin_doc72)
Posts: 493
Member Admin
 

I will not comment on intelligence activities...

But I think we can agree that using SSL/TLS is more secure than using no encryption at all and sending passwords in plain text. At least that will cost the spooks some CPU power...

Plain text HTTP is dead, in fact.

Securing PcVue's web components by SSL/TLS should become a basic standard action for our customers and this should absolutely be promoted that way.
We can discuss potential attack surface for governmental attackers after.

Another German online magazine recently explained quite well the myths about HTTPS:
Link to golem.de (probably not available in English language).

 
Posted : 08/01/2015 3:45 pm