Try OpenEdge Now
skip to main content
Core Business Services - Security and Auditing
Security : SSL in OpenEdge : Configuring and running SSL sessions : Accessing an SSL servers X.500 Subject Name
Accessing an SSL servers X.500 Subject Name
Most user-programmable OpenEdge SSL clients, including ABL clients, .NET Open Clients, and Java Open Clients, provide a mechanism for you to access the authenticated SSL server name of most SSL servers directly involved in an SSL connection. The SSL server name is the X.500 Subject name in the SSL server certificate used to authenticate the SSL server to the client. This name is distinct from and often different than the network host name of the computer on which the SSL server runs.
For Internet connections, where the immediate SSL server is the Web server and not necessarily the final server endpoint for the client, the SSL server name returned is that of the Web server. This is true even if the Internet client ultimately accesses an AppServer that is accessed as an SSL server by middleware provided, for example, by the WSA or AIA.
This feature is a useful tool when you must disable SSL server host name verification (see Table 3), yet you want the application to verify the connected SSL server. Thus, when you disable host name verification, after each SSL connection to a server, you can use this feature to access the SSL server name and verify it manually against an internal list of acceptable SSL server connections.
The following table describes the mechanisms provided by supported, programmable, OpenEdge SSL clients for accessing the SSL server name and indicates where you can find more information about them.
Table 5. Mechanisms for accessing the SSL server X.500 Subject name
This SSL client component:
Uses this mechanism:
To access the SSL server name as described in:
ABL database client
*OpenEdge Development: ABL Reference
ABL client of an AppServer, Web service, or socket server
SSL-SERVER-NAME attribute on the AppServer, Web service, or server socket handle
*For AppServer clients, OpenEdge Application Server: Developing AppServer Applications
*For socket clients, OpenEdge Development: Programming Interfaces
*For all ABL supported SSL clients, OpenEdge Development: ABL Reference
.NET Open Clients
_GetSSLSubjectName() common Open Client object method
*OpenEdge Development: .NET Open Clients
Java Open Clients
_getSSLSubjectName() common Open Client object method
*OpenEdge Development: Java Open Clients