HTTPS

Introduction

Hyper Text Transfer Protocol Secure (HTTPS) is the secure version of HTTP. It is the internet communication protocol that protects the integrity and confidentiality of data that is sent between the user's computer and the website that the user is connected to. To create this secure connection, the SSL (Secure Sockets Layer) certificate is used. SSL certificates use advanced encryption to prevent hackers from reading any data that passes to or from a website.

Web security is now more important than ever and it is a top priority for internet users. The insecure HTTP connection is on its way out. Thus, Sana requires only secure HTTPS connection:

• The entire Sana Commerce solution (Sana web store and Sana Admin) must run over HTTPS. The Web server where the Sana Commerce solution will be installed must support TLS 1.2.
• The Web service which is used to establish connection between Sana and your ERP system must run over HTTPS. The server where the ERP Web service will be installed must support TLS 1.2.

Sana Commerce Installer provides a possibility to install Sana with the SSL certificate right away, so the entire Sana Commerce solution, both Sana web store and Sana Admin, will run over HTTPS. Thus, you must obtain the security certificate from the certificate authority (CA) before installing Sana. If you don't have the SSL certificate, you can also install Sana without it, and secure your web store with SSL once you obtain the security certificate.

For more information about how to secure the ERP Web service with SSL, refer to the installation manual for your ERP system.