Try OpenEdge Now
skip to main content
Core Business Services - Security and Auditing
Security : SSL in OpenEdge : Managing SSL server identity : Establishing SSL server identity
Establishing SSL server identity
OpenEdge supports two basic options to establish an SSL server identity:
*Using the default SSL server identity — A common built-in SSL server identity installed with OpenEdge
*Managing your own SSL server identity — A unique server identity authenticated by a public or private Certification Authority (CA)
For each key store entry on an SSL server, you provide a unique, password-protected alias name in the OpenEdge key store; and for each corresponding root certificate store entry on an SSL client, the SSL management software generates a unique alias name (not password protected) in the OpenEdge certificate store.
A given server identity has a specified lifetime when it is valid. You therefore must update the key store entry for that identity with a new server public-key certificate that is authenticated by a trusted CA when the current certificate expires. At this time, you must also verify that the SSL clients root certificate store still contains a valid root digital certificate for the newly issued SSL server digital certificate and update it if necessary.
The sections that follow describe these options.