Connecting an SSL client to an SSL server

When you connect an ABL socket object to an SSL server socket, you must specify the connection as an SSL connection. Your connecting client must be able to authenticate itself to the SSL server, and you can optionally require the server to authenticate itself to your SSL client.

Note: Be very sure you need SSL before using this option. SSL incurs more or less heavy performance penalties, depending on resources and load.

To connect an ABL socket object to an SSL server socket, include the SSL parameters shown in the following table as part of the connection parameters string that you pass to the socket object CONNECT() method. For additional information, see Implementingan ABL socket client.

Table 70. Client socket object SSL connection parameters
Connection parameter	Description
-ssl	Directs that the connection to the server socket use SSL tunneling.
-nosessionreuse	If specified, the connection does not reuse the SSL session ID when reconnecting to the same SSL server.
-nohostverify	If specified, turns off host verification for an SSL connection. Without this parameter specified, the client compares the host name by the -H parameter with the Common Name specified in the server digital certificate, and raises an error if they do not match. With this parameter specified, the client never raises the error.

For more information on OpenEdge SSL support and connecting an SSL client to an SSL server, see OpenEdge Getting Started: Core Business Services - Security and Auditing.