When should I use SSL on my web server?

The following list offers situations for which using Secure Sockets Layer (SSL) is appropriate, and can help you decide whether to use SSL on your web server. It is not an exhaustive list, and you may encounter other situations when using SSL would be appropriate.

You should use SSL when transmitting the following types of data:

  • Authentication data (e.g., passwords, session cookies)
  • Data that data stewards have classified as non-public
  • Data that needs to be protected from modification on its way to or from the server (e.g., user input or a result set from the server)

It is important to remember that although SSL can protect the flow of information between your server and a web browser, using SSL does not offer any additional system level security. You must maintain a rigorous security program in order to ensure that your server is secure; see Tips for staying safe online.

This is document alwg in the Knowledge Base.
Last modified on 2017-12-07 15:42:37.

  • Fill out this form to submit your issue to the UITS Support Center.
  • Please note that you must be affiliated with Indiana University to receive support.
  • All fields are required.

Please provide your IU email address. If you currently have a problem receiving email at your IU account, enter an alternate email address.

  • Fill out this form to submit your comment to the IU Knowledge Base.
  • If you are affiliated with Indiana University and need help with a computing problem, please use the I need help with a computing problem section above, or contact your campus Support Center.

Please provide your IU email address. If you currently have a problem receiving email at your IU account, enter an alternate email address.