Features and services

SSL provides the following features and services:

Transport independence — An application level wire-protocol that runs on top of a reliable transport protocol, such as TCP/IP.

Application independence — Runs in any application environment as supported by vendor ports to different platforms. OpenEdge, in particular, supports SSL running under:

Internet application environments using HTTPS.

Several OpenEdge application environments, including the OpenEdge RDBMS, the AppServer, the WebSpeed Transaction Server, and the OpenEdge Adapter for SonicMQ BrokerConnect. For more information, seeSSL in OpenEdge.

PKI support — Provides the ability for an SSL client to validate an SSL servers identity, which the server asserts in the form of a public key, so that the client can be assured of who it is communicating with. The server and client use the same key information used to assert the servers identity to securely exchange session-specific symmetric data encryption keys used to provide data privacy for the SSL session.

Limitations on PKI support — The OpenEdge implementation imposes the following SSL limitations:

No support for optional PKI client authentication by the server

No support for checking the CAs CRL list to detect revoked SSL server digital certificates

SSL can have a significant performance impact on any enterprise network application. The OpenEdge implementation of SSL uses SSL session caching when possible to reduce the performance overhead that SSL connections incur (see Session caching. However, note that SSL can impose burdens on network application performance in any case.

Caution: Because of its performance impact, be certain that you need the security that SSL provides before you choose to design and build SSL into your application.