Try OpenEdge Now
skip to main content
DataServer for Microsoft SQL Server
Connecting the DataServer : Starting ProBroker distributed DataServer broker with SSL-enabled Progress Networking : Non-default SSL certificates

Non-default SSL certificates

The Unified Broker Framework has the “certStorePath” SSL property to specify the path to the trusted certificate store which is the root certificate for the certificate authority that was used to sign the server certificate. Servers using this customized certificate can connect clients instantiated with a matching certificate specified using -certstorepath command line parameter of the client.
However, in a Probroker configuration, responsibility for spawning an SSL or a non-SSL DataServer servers rests with the Probroker based on whether it was instantiated with an SSL or a non-SSL command line parameter. An SSL-enabled ProBroker can include the following startup parameters to customize the brokers use of certificates and key stores.
Table 33. DataServer connection parameters
The path to the trusted certificate store.The root certificate for the certificate authority that was used to sign the server certificate should be specified by this path.
Specifies the key store location.
Specifies the alias set for a private/public key. If this parameter is not provided, the server certificate alias that is provided by OpenEdge is used.
Specifies the encoded password set for the alias of the private/public-key to access the server Private Key / Digital Certificate key store entry. You can use the OpenEdge provided genpassword utility for encoding your passwords
For example a Probroker can be started and customized in SSL mode as follows:
_probrkr -S ccall7sv2 –ssl
-keyalias localhost
-keyaliaspasswd 20333c34252a2137
The above Probroker can establish connection to a client which uses a matching certificate:
prowin32 -pf
-certstorepath E:\\users\\ashukla\\par\\SHA224\\certs