Hello all,
I've put this here, since i can't seem to find an IIS-specific forum in the drop-down (still new here, might have overlooked it)
Apologies to the moderators if i caused you guys more work.
Our company makes use of an application which needs to be accessible from the internet. This application uses a non-standard port, and does not accept any form of SSL-encryption. However, some of the data transferred to the web-based App is confidential (userlogins
and passwords, amongst others), and i've been asked to find a way to secure it. Since English is unfortunately not my native tongue, and the setup is somewhat odd, i'll do my best to sketch what i need visually:
Client <-------> IIS server <--------------> web-based Application
SSL Unencrypted
- I need clients to be able to send their data (passwords and the likes) encrypted to our webserver,
- I also need IIS to then send that same data unencrypted to the application,
- I also need responses from the Application to be re-ëncrypted toward the client (trough IIS)
This server also runs our website, and i'm not allowed to re-locate the web-based app.
Any ideas as to how to set this up? I'm really out of my depths with this one.
Many thanks in advance.