DataServer components have the option of configuring DataServer client and server instance to require Secure Sockets Layer (SSL) client connections in remote DataServer configurations. Users can maintain both SSL-enabled and non-SSL Transaction Server instances. However a given instance supports only one type of connection, either secure or non-secure.

DataServer Security is based on the client authenticating the server's identity using a Public Key Infrastructure (PKI) and a symmetric data encryption system. To configure a Transaction Server instance for SSL operation, you must:

To connect to an SSL-enabled OE DataServer component, Client and Servers must have access to a digital (public key) certificate that can authenticate with the digital certificate used by the server, and the client must be configured to send SSL requests. All OpenEdge-managed SSL servers rely on a common OpenEdge key store to manage the private keys and server digital certificates required to support SSL connections from clients. Similarly, most OpenEdge-managed SSL clients and servers rely on a common OpenEdge certificate store to manage the root CA digital certificates that enable them to establish connections to appropriate SSL servers. With OpenEdge installation a third party Public/Private key pair is provided for testing. The root CA certificate is located in $DLC/keys/default_server.pem and the public key is located in $DLC/certs/pscca.cer.

For more information, about configuring and connecting the DataServer, see:

For more information about the Unified Broker Framework, its elements, and how Unified Broker products such as the DataServer for MS SQL Server work within the framework, see OpenEdge Getting Started: Installation and Configuration.