Implementing ABL socket security

You can use the Secure Sockets Layer (SSL) to provide a security infrastructure that protects communications between a socket client and server. SSL provides data privacy over network connections and authentication between clients and servers on those connections using elements of Public Key Infrastructure (PKI). These elements include private and public keys that the clients and servers use to authenticate each other and to set up data encryption and decryption services between the initiator of the communications (SSL client) and the responder (SSL server). The server is identified by the private key that it stores and the client is identified as a valid SSL client for that server by the public key that it stores and provides to the server. SSL clients gain access to public keys using digital (public key) certificates provided by a trusted certificate authority (CA) that also provides the private key confidentially to the SSL server.
Like socket communications in general, SSL is both application and transport independent. This section describes how to implement and manage SSL for ABL applications communicating over TCP/IP sockets.
For more information on SSL and how it uses private and public keys and public key certificates to handle security tasks in these contexts, see OpenEdge Getting Started: Core Business Services - Security and Auditing.
Note: SSL incurs heavy performance penalties, depending on the client, server, and network resources and load.
To set up and connect ABL socket servers and clients with SSL:
1. On your ABL socket server, create and configure the private key and certificate store required to identify your socket server as an SSL server.
2. On your ABL socket client, create and configure the public key certificate store required to access your SSL server as an SSL client.
3. Start up your ABL socket server and ensure that it has enabled connections for SSL.
4. Start up your ABL client and connect it as an SSL client to your SSL server.
5. Invoke socket operations in SSL sessions.
The sections that follow describe these tasks.
* Configuring SSL servers and clients
* Enabling SSL server connections
* Connecting an SSL client to an SSL server
* Invoking socket operations for SSL sessions
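
As an added illustration of steps 4 and 5 (not code from the original documentation), the following ABL client connects with SSL, writes a request, and reads the reply. The host name, port, and "PING" request are placeholders, and the example assumes an SSL-enabled ABL socket server that answers each request is already listening and that the client certificate store from step 2 holds the CA certificate for that server.

```abl
/* Added example: ABL socket client using SSL (steps 4 and 5).
   sockets.example.com, port 3333 and the "PING" request are placeholders. */
DEFINE VARIABLE hSocket  AS HANDLE    NO-UNDO.
DEFINE VARIABLE mRequest AS MEMPTR    NO-UNDO.
DEFINE VARIABLE mReply   AS MEMPTR    NO-UNDO.
DEFINE VARIABLE cRequest AS CHARACTER NO-UNDO INITIAL "PING".
DEFINE VARIABLE cReply   AS CHARACTER NO-UNDO.
DEFINE VARIABLE lOk      AS LOGICAL   NO-UNDO.

CREATE SOCKET hSocket.

/* Step 4: -ssl requests an SSL session. -nohostverify is deliberately
   not passed, so the host name in the server certificate is still
   checked against the host this client connects to. */
lOk = hSocket:CONNECT("-H sockets.example.com -S 3333 -ssl") NO-ERROR.

IF NOT lOk OR NOT hSocket:CONNECTED() THEN DO:
    /* A failed handshake (untrusted CA, host name mismatch, server not
       enabled for SSL) is reported here; do not retry without -ssl. */
    MESSAGE "SSL connection failed:" ERROR-STATUS:GET-MESSAGE(1)
        VIEW-AS ALERT-BOX ERROR.
    DELETE OBJECT hSocket.
    RETURN.
END.

/* Step 5: socket operations are the same calls as on a non-SSL socket;
   the data is encrypted on the wire by the SSL session. */
SET-SIZE(mRequest) = LENGTH(cRequest, "RAW") + 1.  /* +1 for null terminator */
PUT-STRING(mRequest, 1) = cRequest.
hSocket:WRITE(mRequest, 1, LENGTH(cRequest, "RAW")).

/* Blocking read: waits until at least one byte of the reply arrives. */
SET-SIZE(mReply) = 256.
hSocket:READ(mReply, 1, 256, READ-AVAILABLE).
cReply = GET-STRING(mReply, 1, hSocket:BYTES-READ).
MESSAGE "Reply over SSL:" cReply VIEW-AS ALERT-BOX INFORMATION.

/* Release the connection and the memory buffers. */
hSocket:DISCONNECT().
DELETE OBJECT hSocket.
SET-SIZE(mRequest) = 0.
SET-SIZE(mReply)   = 0.
```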