Try OpenEdge Now
skip to main content
DataServer for Microsoft SQL Server
Introduction : DataServer configurations : Configuring distributed DataServer applications using the Unified Broker Framework : SSL-enabled DataServer
 
SSL-enabled DataServer
DataServer components have the option of configuring DataServer client and server instance to require Secure Sockets Layer (SSL) client connections in remote DataServer configurations. Users can maintain both SSL-enabled and non-SSL Transaction Server instances. However a given instance supports only one type of connection, either secure or non-secure.
DataServer Security is based on the client authenticating the server's identity using a Public Key Infrastructure (PKI) and a symmetric data encryption system. To configure a Transaction Server instance for SSL operation, you must:
*Install a server private key and a public key certificate. OpenEdge provides built-in keys and certificates that are suitable for use on development or demonstration servers; for production machines, you should obtain server certificates from an internal or public Certificate Authority (CA).
*Specify an alias and password for access to the private key/digital certificate.
*Disable session caching, or enable it with a specified timeout.
To connect to an SSL-enabled OE DataServer component, Client and Servers must have access to a digital (public key) certificate that can authenticate with the digital certificate used by the server, and the client must be configured to send SSL requests. All OpenEdge-managed SSL servers rely on a common OpenEdge key store to manage the private keys and server digital certificates required to support SSL connections from clients. Similarly, most OpenEdge-managed SSL clients and servers rely on a common OpenEdge certificate store to manage the root CA digital certificates that enable them to establish connections to appropriate SSL servers. With OpenEdge installation a third party Public/Private key pair is provided for testing. The root CA certificate is located in $DLC/keys/default_server.pem and the public key is located in $DLC/certs/pscca.cer.
For more information, about configuring and connecting the DataServer, see:
*Configuring with OpenEdge Management or OpenEdge Explorer
*Starting and stopping a broker process from OpenEdge Management/OpenEdgeExplorer and connecting a client
For more information about the Unified Broker Framework, its elements, and how Unified Broker products such as the DataServer for MS SQL Server work within the framework, see OpenEdge Getting Started: Installation and Configuration.