Try OpenEdge Now
skip to main content
New and Revised Features
What's New in 11.7 : OpenEdge Server Technology
 

OpenEdge Server Technology

OpenEdge Release 11.7 contains Server Technology updates to provide the following features:
*Native Java Distribution (JSSE) Support — Starting with OpenEdge 11.7, the default Transport Layer Security (TLS) network library for the following has changed from the RSA vendor to Native Java distribution (JSSE):
*AppServer broker (client connections)
*WebSpeed broker (client connections)
*Java OpenClient (connection to application servers)
*AIA adapter (connection to application servers)
*WSA adapter (connection to application servers)
*REST adapter (connection to application servers)
*If the OpenEdge 11.7 JSSE library's TLS restrictions do not allow network connections, you may temporarily revert to using the RSA library.
*Wildcard Support — You can add a wildcard " * " character in the subject name or common name fields in the public key certificate so that you can define a single common name for multiple domain names. For example, a certificate with "*.bedford.progress.com " common name can be used for user1.bedford.progress.com, user2.bedford.progress.com, or user3.bedford.progress.com.
*Subject Alternate Name (SAN) Support — You can now use Subject Alternative Name (SAN) to specify additional host names (values) to be protected by a single SSL certificate using a subjectAltName field. It allows more than one host to use the same copy of a single certificate. At the server-level, you can create multiple virtual hosts and add these hosts to the subjectAltName field of the certificate. You generate a certificate with SAN and the clients can connect to the server using subjectAltName. Whenever HTTPS request comes to any of the virtual host, the server uses the same certificate for SSL handshake.
*Server Name Indication (SNI) Support — You can now add Server Name Indication (SNI) by setting parameters in the client’s CONNECT() method. It allows the client to add the hostname that it attempts to connect to during the handshake as a part of the TLS negotiation. It enables the server to select the required domain name and present the certificate with the correct name. It also allows the server to present multiple certificates on the same IP address and TCP port number and thus allow multiple secure (HTTPS) websites (or any other Service over TLS) to be served off the same IP address without requiring all those sites to use the same certificate.
Note: OpenEdge supports SNI only for ABL Client and .NET Open Client.
*HornetQ Support — OpenEdge has certified the JMS-compliant vendor, HornetQ for generic Java Message Service (JMS) adapter.
*Sslj utility — The sslj utility helps you to test and troubleshoot SSL or TLS communication and list the ciphers and protocols using the same Java JSSE library that is used by all Java based OpenEdge products such as classic Appserver, PAS for OE, classic WebSpeed, Java OpenClient, and OEM. The utility is located in $DLC/bin.
*OpenSSL Library Upgrade: OpenSSL Library is upgraded to 1.1.0c.
For more information on these topics, see:
Manuals:
OpenEdge Application Server: Administration
OpenEdge Development: Messaging and ESB
OpenEdge Getting Started: Core Business Services - Security and Auditing