Try OpenEdge Now
skip to main content
Core Business Services - Security and Auditing
Security : SSL in OpenEdge : Managing SSL server identity

Managing SSL server identity

Before you can enable an SSL connection of any kind, you must ensure that SSL servers and clients have access to the required keys and digital certificates to properly authenticate a connection and exchange encrypted communications over it. Each SSL server asserts its identity using a private key and server public-key certificate (key store entry) accessed from the servers key store. Each SSL client must successfully validate the servers identity using a corresponding root public-key certificate (root certificate store entry) accessed from the clients certificate store. The client and server also use their corresponding SSL key and certificate store entries to initiate encrypted communications between them.
OpenEdge provides a common key store for all OpenEdge-managed SSL servers and a common certificate store for all OpenEdge-managed SSL clients. This allows you to use a common set of SSL management tools to support your OpenEdge SSL infrastructure.
Note: OpenEdge provides separate certificate store management for Java Open Clients and relies on Microsofts certificate store management for .NET Open Clients. For Web service clients and Web servers (or JSEs), you must use the key and certificate store tools provided for the specific client or server platform. For more information, see OpenEdge Development: Open Client Introduction and Programming and the documentation for your SSL client or server platform.
You use these OpenEdge key and certificate stores to support both Internet and intranet SSL communications between SSL servers and SSL clients.
For more information on the tools for managing the common OpenEdge key and certificate stores, see OpenEdge Getting Started: Installation and Configuration.
* Establishing SSL server identity
* Using the default SSL server identity
* Managing your own SSL server identity