Encrypted Data Without SSL

dean · Post by **dean** » Wed Jan 18, 2006 11:19 pm

Is there a way to send / receive encrypted data to and from Vault without using SSL? Maybe with a third party encryption / decryption program that performs alongside Vault over a non-secure http connection?

Why I ask is because I am at a customer site which does not allow SSL connections (they have closed port access on their firewall for SSL). They have done this because they want to be able to monitor mainly their outgoing traffic to make sure that their intellectual property is not being transmitted out of the companies intranet. SSL would allow their intellectual property to be encrypted and transmitted outside the intranet. But, because we use SSL for access to Vault, I can't use Vault to check-in / check-out while at this customer site. I know I could remove the SSL restriction, but then I would be exposing my company's intellectual property to the world.

lbauer · Post by **lbauer** » Thu Jan 19, 2006 8:32 am

We're not familiar with any third-party encryption tools that might work with Vault. If other Vault users have had experience with this, please post here.

Post by **jclausius** » Thu Jan 19, 2006 8:59 am

I haven't tried this, but I *think* this might be a possible work around -

If you configure the home base IIS to run SSL on port 80. Then for all Vault connections, specify SSL and use ":80" on the end of your server's name for the connection.

JimHugh · Post by **JimHugh** » Thu Jan 19, 2006 10:07 am

Do they allow VPN access?

If so, a VPN connection would be encrypted.

dean · Post by **dean** » Thu Jan 19, 2006 8:51 pm

No, the customer doesn't allow VPN connections through the normal VPN port either. Our IT personnel are looking into purchasing a hardware solution to provide port 80 VPN access.

Thanks for the suggestions, but so far nothing is getting through the customer's proxy / firewall. It's pretty strict.