SSL Public Key Authentication in WebDrive
Public key security, more formally known as asymmetric cryptography, involves the use of a pair of dissimilar algorithms (a key pair) to encrypt and decrypt data. Unlike symmetric cryptography, which uses only one key to both encrypt and decrypt, asymmetric cryptography involves two keys that perform opposite functions but make up one process. The public key encrypts the data, which can then only be decrypted by the paired, secret private key. The private key cannot be discovered with the public key, so a user can safely disseminate the public key to users, who can then send coded data only the key pair owner can decode.
WebDrive uses public key security through Secure Sockets Layer (SSL), which is incorporated into several file transfer protocols, including FTPS, HTTPS, and WebDAVS. SSL offers a higher level of security by optionally accepting connections with only authorized certificates.
To configure your WebDrive server to utilize public key authentication:
- Launch WebDrive. If you haven’t created a site, click New to launch the site creation wizard.
- Select Secure FTP (otherwise known as FTPS, or FTP protected by SSL), HTTPS, or WebDAVS.
- After entering your connection information, choose TLS v1.0 ‘AUTH TLS’ for the Encryption Method. This has security enhancements not found in SSL. Also enable Secure Data Channel (Prot P) to encrypt your data channel.
- Click the Advanced Settings button. In the dialogue, open the Connection Settings tab and deselect SSL v3.
- WebDrive will need a certificate of authenticity to establish a secure connection over SFTP. To set up a certificate, still in the Advanced Settings window, select the FTP Settings tab and click the “...” button under Client Certificate to connect to server with. Select a certificate. If there are no certificates, you will need to import one into WebDrive by going to App Settings > Security > Certificate Manager and choose Import. (see the Certificate Management section for more details)
- Close Advanced Settings and test your connection. If you do not successfully connect you will receive an error message explaining why you cannot connect. Click Close and Next.
- Name your site and select Connect Now if you would like to connect to the site now. If you would like to Connect at login/startup, you may select this check box. Click Finish.
Your site is now ready for use. WebDrive will display your server connection as a mapped drive letter. Double-click the WebDrive tray icon to view the WebDrive Monitor or to disconnect from the server.