Reputation: 805
How to encrypt http traffic in an offline enterprise network?
I am building a golang offline application for a company that will operate in their office internal Wireless / Wired Network.
There will be one server computer and many client computers communicating over the network. (They are not connected to the Internet).
How should I encrypt the HTTP communication between the clients and the server so that the data is not vulnerable to any attackers who might be snooping on the network?
Upvotes: -1
Views: 169
Answers (1)
Reputation: 12085
How should I encrypt the HTTP communication between the clients and the server
Short answer - use https.
They are not connected to the Internet
HTTPS basically works on two parameters. Hostname and trusted authorities.
The best practice would be to assign each service/server a proper internal hostname and use a valid certificate for the hostname.
There are multiple options which you should to choose based on requirements which are not stated. Have a single wildcard cartificate or individual server/service certificates? Using a trusted external CA or create your own CA for certificates? Do you use client-auth mutual SSL? Each option has its advantages and risks.
Upvotes: 0
Related Questions
- How to put up an off-the-shelf https to http gateway?
- Encryption in Transit: HTTP to HTTPS
- Offline encryption of IP packets using ESP
- Network traffic Encryption without Certificates
- Encryption/Decryption over the HTTPS Network
- Preventing Man-in-the-middle attacks on non-HTTPS
- What is the best way to encrypt in the internet, and decrypt in a private network?
- Middle Man Server HTTPS/SSL
- Http with Encryption from Client to Server and Server to Client
- Secure connection between client and server