Try OpenEdge Now
skip to main content
Administration
AppServer and Internet Adapter Administration : Configuring and Managing the AppServer Internet Adapter : Installing the AppServer Internet Adapter : Security considerations for AIA administration
 
Security considerations for AIA administration
The AIA acts as an intermediary between the AppServer or BrokerConnect and clients that must access the server over the Internet. Thus, an application session involves two distinct connections, each of which is configured separately with respect to security.
The first connection is Internet-based between the AIA and the client. For this connection to be secure, the following conditions must be met:
*The client must use HTTPS protocol to send requests.
*The AIA must be HTTPS-enabled; that is, it must be configured to accept HTTPS requests from clients (via the Java container or Web server). To configure the AIA to accept HTTPS connection requests, you set the property httpsEnabled=1 by manually editing the ubroker.properties file. As an alternative, you can use OpenEdge Management or OpenEdge Explorer.
*The Java container or Web server must support server authentication. Supporting server authentication requires that X.509 digital certificates be installed on both the Web server (or Java container) and the client machine. At each Web server to be accessed, a server certificate that uniquely identifies this Web server must be installed. As part of the SSL protocol, this server certificate is sent from the Web server to the client. See Enabling the Web server or Java container for SSL operation for more information.
The second connection is via AppServer protocol between the AIA and the AppServer or BrokerConnect. For this connection to be secure, the following conditions must be met:
*The AIA must be SSL-enabled, meaning that it sends SSL data to the AppServer or BrokerConnect that is to process the client requests. To configure the AIA to send SSL requests, you set the property sslEnable=1. You set this property by manually editing the ubroker.properties file or by using OpenEdge Management or OpenEdge Explorer. In addition, you must obtain and install public key certificates for the AIA host machine.
*The AppServer or BrokerConnect must be SSL-enabled, meaning that it accepts SSL requests from the AIA (or other clients). You set the property sslEnable=1 by manually editing the ubroker.properties file or by using OpenEdge Management or OpenEdge Explorer. You must also obtain and install a server private key and public key certificate and set additional SSL server properties.
* AIA behavior in an SSL environment
* Obtaining more information on SSL operations