Try OpenEdge Now
skip to main content
Programming Interfaces
External Program Interfaces : Sockets : Implementing ABL socket security : Configuring SSL servers and clients : Configuring SSL servers
 
Configuring SSL servers
For an SSL server, you must have installed a private key and digital (public key) certificate that uniquely identifies your ABL socket server as an SSL server and allows all communications to be encrypted between it and any SSL client. You can use the default key and certificate store provided by OpenEdge without any additional work. This provides default encryption services between all OpenEdge clients and servers and there by eliminates the need for client-server authentication to complete SSL connections.
However, to create a complete SSL implementation that supports all the features of SSL, you must obtain a unique private key and server digital certificate from an industry-recognized certificate authority (a CA such as Verisign, RSA, or Thawte) or create them yourself, as your own private CA, using server certificate administration software that you obtain on your own. Once you have the required private key and digital certificate, you can install it confidentially on your server system using the pkiutil command-line tool provided by OpenEdge. At this point your ABL socket server is ready to enable SSL connections.
For more information on OpenEdge SSL support, CA's, keys, digital certificates, and using pkiutil, see OpenEdge Getting Started: Core Business Services - Security and Auditing.