Try OpenEdge Now
skip to main content
Messaging and ESB Administration : OpenEdge Adapter for SonicMQ Administration : Introducing the OpenEdge Adapter for SonicMQ : SSL-enabled BrokerConnect operation
SSL-enabled BrokerConnect operation
You have the option of configuring BrokerConnect instance to require SSL client connections. You can maintain both SSL-enabled and non-SSL BrokerConnect instances, but a given instance supports only one type of connection, either secure or nonsecure.
Security derives from the client authentication of the server's identity via a Public Key Infrastructure (PKI) and a symmetric data encryption system. To configure an adapter instance for SSL operation, you must:
*Obtain and install a server private key and a public key certificate. OpenEdge provides built-in keys and certificates that are suitable for use on development or demonstration servers; for production machines, you should obtain server certificates from an internal or public Certificate Authority (CA).
*Specify an alias and password for access to the private key/digital certificate.
*Disable session caching, or enable it with a specified time-out.
To perform these configuration tasks, you can use OpenEdge Management/OpenEdge Explorer or manually edit the file. You can use the mergeprop utility installed with OpenEdge to manually edit the file. For information on using mergeprop, see OpenEdge Getting Started: Installation and Configuration.
To connect to an SSL-enabled BrokerConnect, a client application must have access to a digital (public key) certificate (often called a CA Root Certificate) that can authenticate with the digital certificate used by the adapter, and the client must use a secure protocol.
For more information on SSL support in OpenEdge, see OpenEdge Getting Started: Core Business Services - Security and Auditing.