Why is HTTPS-Secure Important for Contrail?
The Whitehouse mandated HTTPS (HyperText Transfer Protocol Secure) connection for Federal publicly-accessible websites back in 2015. The directive instructs Federal agencies with publicly accessible websites to provide service only through a secure HTTPS connection that encrypts nearly all information during communication between the website and user. (See M-5-13 memorandum “Policy to Require Secure Connections across Federal Websites and Web Services“.
Encryption between Browser and Contrail Server
Starting in January of 2017, Google Chrome will begin indicating all websites that do not use encryption as “Not Secure”. Other major web browsers (Opera, Mozilla Firefox, Safari, Edge) will likely do the same. (Learn more here)
Why have TLS/SSL Certificates?
A TLS/SSL* certificate is required to enable encryption and authentication on your site domain and use the HTTPS protocol. HTTPS-secure provides an encrypted connection between the browser and the Contrail server. This ensures that the data transmitting between your browser and the Contrail server is safe by making sure that unintended users are unable to intercept the traffic. A particular instance in which this type of secure connection is highly important is during username login and password access to the application. If you do not have HTTPS certificates configured, the “not secure” warning could put off public users from visiting your site, and leave you vulnerable to “Man-In-The-Middle” attacks when visiting your Contrail instance.
All OneRain-hosted editions of Contrail are HTTPS secure
*TLS/SSL (Transport Layer Security/Secure Sockets Layer) is the de facto standard for encrypted and authenticated communications between clients and servers on the Internet.
Since 1992, OneRain has been providing solutions that optimize water management, heighten regulatory compliance, achieve successful civil works, and save lives. Headquartered in Longmont, Colorado, OneRain’s software and services deliver mission critical information to serve clients responsible for flood early warning, dam safety and reservoir operations, water resources, stormwater and wastewater management. For more information, visit www.onerain.com or call 800-758-RAIN (7246).