To enable SSL communications, you must configure both the WebSpeed Messenger and the WebSpeed Transaction Server. Configure the Messenger as follows:
The Messenger must be SSL-enabled, meaning that it sends SSL data to the Transaction Server that is to process the client requests. To configure the Messenger to send SSL requests, you set the property sslEnable=1. You set this property by checking the Enable SSL client connections box in the SSL properties category in OpenEdge Management or OpenEdge Explorer, or by manually editing the ubroker.properties file. In addition, you must obtain and install public key certificates for the Messenger host machine.
Determine whether you want the Messenger to verify the host name for the WebSpeed Transaction Server by comparing it with the Common Name specified in the server digital certificate, and raise an error if they do not match (the default behavior). You can disable this verification by setting the property noHostVerify=1. To do so, check the Disable client verification of SSL host name box in OpenEdge Management or OpenEdge Explorer, or manually edit the ubroker.properties file.
Determine whether you want the Messenger to request reuse of the session ID for successive connections to the same Transaction Server (the default behavior). If not, set the property noSessionReuse=1, either by checking the Disable SSL session reuse box in OpenEdge Management /OpenEdge Explorer or by editing the ubroker.properties file. (The default behavior does not guarantee that session IDs can be reused, because the server might disallow session reuse.)
Configure the Transaction Server as follows:
The Transaction Server must be SSL-enabled, meaning that it accepts SSL requests from the Messenger. You set the property sslEnable=1 by checking the Enable SSL client connections box in the SSL General properties category in OpenEdge Management or OpenEdge Explorer, or by manually editing the ubroker.properties file. You must also obtain and install a server private key and public key certificate, unless you are using the defaults provided with OpenEdge.
In the SSL General properties category in OpenEdge Management or OpenEdge Explorer, select the alias for the private key/digital certificate entry (in the OpenEdge keystore) that you want to secure connections for this Transaction Server. Also enter and confirm the password for this private key and digital certificate. You need not enter a password if you choose to use the default_server certificate and its default password. (Note: The password is encrypted in the ubroker.properties file; if manually editing the file, you must use the genpassword utility to encrypt the password. The properties appear in the file as keyAlias= and keyAliasPasswd=.)
In the SSL Advanced Features properties category in OpenEdge Management or OpenEdge Explorer, you can enter a timeout value that specifies the length of time (in seconds) that a disconnected session is held in the cache. During this specified interval, a connected client can resume its session. To disable session caching, check the box, or edit the ubroker.properties file and set the property noSessionCache=0. The timeout value appears in the file as sessionTimeout=n.
For more information on setting properties for WebSpeed Messengers and Transaction Servers and other Unified Broker products, see the OpenEdge Management or OpenEdge Explorer help or the OpenEdge-Install-Directory\properties\ubroker.properties.README file.