Try OpenEdge Now
skip to main content
Core Business Services - Security and Auditing
Security : Security in OpenEdge : Adding Server Name Indication (SNI)
 

Adding Server Name Indication (SNI)

Server Name Indication (SNI) is an extension to the TLS computer networking protocol. It allows the client to add the hostname that it attempts to connect to during the handshake as a part of the TLS negotiation. It enables the server to select the required domain name and present the certificate with the correct name. It also allows the server to present multiple certificates on the same IP address and TCP port number and thus allow multiple secure (HTTPS) websites (or any other Service over TLS) to be served off the same IP address without requiring all those sites to use the same certificate.
OpenEdge supports SNI only for ABL Client and .NET Open Client.
Set the following parameters in the connection-parameters argument of the ABL Client’s CONNECT() method:
–servername
Specifies the server name in SSL connection initialization for client that it sends to the server as part of the TLS negotiation.
Here is an example of the ABL Client CONNECT() method:
IF happsrv1:CONNECT("-URL https://localhost:8443/ -servername www.example.com") THEN
Note: If your ABL client uses WSDL and SOAP connections where WSDL and SOAP services are configured in two machines (using two different Tomcat servers), use the -wsdlServername and -soapServername respectively. For example,
IF happsrv1:CONNECT("-URL https://localhost:8443/ -wsdlServername www.server1.com -soapServername www.server2.com") THEN.
You can set SNI for a .NET client by using the following property:
Progress.Open4GL.RunTimeProperties.ServerName = "servername";
servername
Specifies the server name in SSL connection initialization for client that it sends to the server as part of the TLS negotiation.