The HTTPS protocol specifies that OpenEdge use HTTP tunneled through the Secure Sockets Layer (SSL) to connect the client to the AppServer indirectly through a Web server running the AppServer Internet Adapter. HTTPS works like HTTP; in addition, it uses SSL to encrypt all communications between the client and AppServer.
This is the URL syntax to connect an AppServer (or BrokerConnect) using HTTPS (ignore line breaks):
Note: For a .NET Open Client accessing a secure Web server that is running on the client machine, you must specify the Internet host name for the client machine as the value of web-server-host (not"localhost") exactly as it appears in the CN field of the Web server certificate, because .NET automatically validates the exact value of web-server-host against this server certificate field.
For HTTPS, the AIA instance provides a check on Internet connection security, according to the setting of its httpsEnabled property. During the connection process, if OpenEdge determines that the client application is attempting to connect to a secure Web server using HTTP and this httpsEnabled property is turned on (set to 1), OpenEdge silently returns the required HTTPS URL to the client for it to retry the connection.
Note: The default value for this AIA property is off (set to 0). For more information on AIA configuration for HTTPS, see the sections on AIA administration in OpenEdge Application Server: Administration.
To use HTTPS, the client must have a public key certificate available that validates its access to the Web server. For information on how OpenEdge supports public key certificates for ABL applications, see OpenEdge Getting Started: Core Business Services - Security and Auditing. For information on how to manage public key certificates for .NET, Java, and Web service Open Clients, see OpenEdge Development: Open Client Introduction and Programming