skip to main content
Using the Driver : Using Security : Data Encryption and Integrity : SSL Encryption : Designating an OpenSSL Library
  

Try DataDirect Drivers Now
Designating an OpenSSL Library
The driver uses OpenSSL library files (SSL Support Files) to implement cryptographic functions for data sources or connections when encrypting data. By default, the driver is configured to use the most secure version of the library installed with the product; however, you can designate a different version to address security vulnerabilities or incompatibility issues with your current library. Although the driver is only certified against libraries provided by Progress, you can also designate libraries that you supply. The methods described in this section can be used to designate an OpenSSL library file.
Note: For the default library setting, current information, and a complete list of installed OpenSSL libraries, refer to the readme file installed with your product.

File replacement

In the default configuration, the drivers use the OpenSSL library file located in the \drivers subdirectory for Windows installations and the /lib subdirectory for UNIX/Linux. You can replace this file with a different library to change the version used by the drivers. When using this method, the replacement file must contain both the cryptographic and SSL libraries and use the same file name as the default library. For example, the latest version of the library files use the following naming conventions:
Windows:
*Latest version: xxtls28.dll
*1.0.2 and earlier versions: xxssl28.dll
UNIX/Linux:
*Latest version: libxxtls28.so [.sl]
*1.0.2 and earlier versions: libxxssl28.so [.sl]

Designating a library in the default directory

If you are using the default directory structure for the product, you can use the AllowedOpenSSLVersions option to designate a library. To use the AllowedOpenSSLVersions option, specify the version number of the library you want to load. For example, AllowedOpenSSLVersions=1.0.2 loads the 1.0.2 version of OpenSSL library using the following naming convention and format:
*Windows: install_dir\drivers\xxssl28.so [.sl]
*UNIX/Linux: install_dir/lib/libxxtls28.so [.sl]
Note that this method works only with OpenSSL library files that match Progress's naming convention and relative installation location.
If you are using the GUI, this option is not exposed on the setup dialog. Instead, use the Extended Options field on the Advanced tab to configure this option. For more information, see "AllowedOpenSSLVersions."

Designating the absolute path to a library

For libraries that do not use the default directory structure or file names, you must specify the absolute path to your cryptographic library for the CryptoLibName (CryptoLibName) option and the absolute path to your SSL library for the SSLLibName (SSLLibName) option. If you are using OpenSSL library files provided by Progress, these libraries are combined into a single file; therefore, the value specified for these options should be the same. For non-Progress library files, the libraries may use separate files, which would require specifying the unique paths to the libeay32.dll (cryptographic library) and ssleay32.dll (SSL library) files.
If you are using a GUI, these options are not exposed on the setup dialog. Instead, use the Extended Options field on the Advanced tab to configure these options. See "CryptoLibName" and "SSLLibName" for details.