-1

I am building a golang offline application for a company that will operate in their office internal Wireless / Wired Network.

There will be one server computer and many client computers communicating over the network. (They are not connected to the Internet).

How should I encrypt the HTTP communication between the clients and the server so that the data is not vulnerable to any attackers who might be snooping on the network?

Harsh Agarwal
  • 675
  • 2
  • 13
  • 28
  • 1
    That is why we have HTTPS. – Ron Maupin Aug 21 '21 at 16:44
  • Viva la [nginx](https://techexpert.tips/nginx/enable-https-nginx/) – Facty Aug 23 '21 at 13:01
  • If you are writing a custom client then HTTPS is almost certainly the best (easiest and most secure) solution. If your clients are standard internet software like browsers then HTTPS is still probably the best solution, but it is much, much, harder and should be compared and contrasted to using something like a VPN, for example something available from the OS you're using or perhaps OpenVPN. – President James K. Polk Aug 23 '21 at 14:44

1 Answers1

0

How should I encrypt the HTTP communication between the clients and the server

Short answer - use https.

They are not connected to the Internet

HTTPS basically works on two parameters. Hostname and trusted authorities.

The best practice would be to assign each service/server a proper internal hostname and use a valid certificate for the hostname.

There are multiple options which you should to choose based on requirements which are not stated. Have a single wildcard cartificate or individual server/service certificates? Using a trusted external CA or create your own CA for certificates? Do you use client-auth mutual SSL? Each option has its advantages and risks.

gusto2
  • 11,210
  • 2
  • 17
  • 36