This course covers the "HTTPS" (secure HTTP) protocol, which can protect communication between web browsers and web servers. This is presented from the point of view of a web server administrator who wishes to configure servers to support such communication. The course includes an outline of the operation and features of the protocol, and covers the practical configuration of an Apache server under Linux. The general principles covered apply to Apache on other platforms, and to other web servers, thought the details will vary.
The course covers other aspects of web server security only in passing, and does not cover general web server installation or configuration issues. A basic understanding of the way that web servers operate, along with some experience of configuring and administering such servers, either on shared or personal machines, is assumed.
The course web site at
contains an up-to-date copy of these notes and related
resources. Requests for assistance by members of the University
on the material covered here can be e-mailed to