To enable SSL security between SSL clients and servers, you must manage access to the public and private keys for each SSL client and server, respectively. How you do this depends on the SSL configuration you are managing. To secure an AppServer using SSL, you can configure the AppServer connections in two different ways or in combination, as follows:
1. Internet-secure AppServer — A secure connection over the Internet between the AppServer client and a Web server that hosts an appropriate OpenEdge adapter to access the AppServer. The connection between the client and Web server is secured using HTTPS (HTTP tunneled through SSL).
2. SSL-enabled AppServer — A secure connection directly between the client and the AppServer. This connection is secured by tunneling the direct AppServer protocol through SSL.
3. Internet-secure and SSL-enabled AppServer — A combination of steps 1 and 2, where the connection between the AppServer client and the Web server is secured using HTTPS (as in step 1) and the connection between the appropriate OpenEdge adapter and AppServer is secured using SSL tunneling, similar to a direct connection between the AppServer client and AppServer (as in step 2).
Note: This configuration is likely to incur the heaviest performance penalty of the three because it uses two SSL connections, each of which requires encryption and decryption of data for each client request and for each AppServer response.
The remaining sections on SSL and the AppServer describe: