Try OpenEdge Now
skip to main content
Programming Interfaces
External Program Interfaces : Sockets : Implementing ABL socket security : Enabling SSL server connections
 
Enabling SSL server connections
When you enable SSL connections on an ABL server socket object, the socket accepts connections only from SSL clients that can authenticate to your ABL application as an SSL server.
Note: Be very sure you need SSL before using this option. SSL incurs more or less heavy performance penalties, depending on resources and load.
To enable SSL connections on an ABL server socket object, include the SSL parameters shown in the following table as part of the connection parameters string that you pass to the server socket object ENABLE-CONNECTIONS() method. For additional information, see Implementingan ABL socket server.
Table 69. Server socket object SSL connection parameters
Connection parameter
Description
-ssl
Specifies the all connections to this server socket must use SSL.
-keyalias aliasname
Sets the alias name within the keystore of the private key and digital certificate entry to use to authenticate all connections to this server socket. If not specified, the server socket uses the default_server server certificate alias.
-keyalaispasswd encrypted-password
Sets the password to use for accessing the private key and digital certificate. You must specify a password when you specify the -keyalias option and the password must be encrypted. You must specify the password as an encrypted value that you can obtain using the genpassword utility located in the bin directory of your OpenEdge installation.If you use the default_server server certificate, it also has a default password that you do not need to specify.
-nosessioncache
If specified, caching for the SSL client session is disabled.
-sessiontimeout [seconds]
Specifies, in seconds, the length of time that an SSL client session is held in the session cache, during which an SSL client can resume its session. The default is 180 seconds.
For more information on OpenEdge SSL support, key and certificate stores, the genpassword utility, and enabling connections to SSL servers, see OpenEdge Getting Started: Core Business Services - Security and Auditing.