Try OpenEdge Now
skip to main content
DataServer for Microsoft SQL Server
Introduction : SSL enabled DataServer for MS SQL

SSL enabled DataServer for MS SQL

Configuring the client and server components of a remote DataServer connection with Secure Sockets Layer (SSL) communications is optional. Users can maintain both SSL-enabled and non-SSL instances of a DataServer broker environment. However a given instance supports only one type of connection, either secure or non-secure.
DataServer Security is based on the client authenticating the server's identity using a Public Key Infrastructure (PKI) and a symmetric data encryption system. To configure a Broker instance for SSL operation, you must:
*Install a server private key and a public key certificate. OpenEdge provides built-in keys and certificates that are suitable for use on development or demonstration servers; for production machines, you should obtain server certificates from an internal or public Certificate Authority (CA).
*Specify the keyAlias and keyAliasPasswd parameters in the UBroker.MS.mssbroker1 section of the file for access to the private key/digital certificate
*Disable session caching of the orabroker using the noSessionCache parameter, or enable it with a specified timeout using the sessionTimeout parameter.
For more information see Establishing the SSL protocol in a DataServer broker instance of the Unified Broker and Unified Broker section and the OpenEdge Getting Started : Core Business Services – Security and Auditing guide.
To connect to an SSL-enabled OE DataServer component, Client and Servers must have access to a digital (public key) certificate that can authenticate with the digital certificate used by the server, and the client must be configured to send SSL requests. All OpenEdge-managed SSL servers rely on a common OpenEdge key store to manage the private keys and server digital certificates required to support SSL connections from clients. Similarly, most OpenEdge-managed SSL clients and servers rely on a common OpenEdge certificate store to manage the root CA digital certificates that enable them to establish connections to appropriate SSL servers. With the OpenEdge installation, a third party Public/Private key pair is provided for testing. The root CA certificate is located in $DLC/keys/default_server.pem and the public key is located in $DLC/certs/pscca.cer.
* Distributed DataServer configuration with SSL for MSS
* Distributed DataServer using Unified Broker
* Distributed DataServer using ProBroker