Release 10.1A: OpenEdge Development:
Programming Interfaces

Implementing 4GL socket security

You can use the Secure Sockets Layer (SSL) to provide a security infrastructure that protects communications between a socket client and server. SSL provides data privacy over network connections and authentication between clients and servers on those connections using elements of Public Key Infrastructure (PKI). These elements include private and public keys that the clients and servers use to authenticate each other and to set up data encryption and decryption services between the initiator of the communications (SSL client) and the responder (SSL server). The server is identified by the private key that it stores and the client is identified as a valid SSL client for that server by the public key that it stores and provides to the server. SSL clients gain access to public keys using digital (public key) certificates provided by a trusted certificate authority (CA) that also provides the private key confidentially to the SSL server.

Like socket communications in general, SSL is both application and transport independent. This section describes how to implement and manage SSL for Progress 4GL applications communicating over TCP/IP sockets.

For more information on SSL and how it uses private and public keys and public key certificates to handle security tasks in these contexts, see OpenEdge Getting Started: Core Business Services .

Note: SSL incurs heavy performance penalties, depending on the client, server, and network resources and load.

To set up and connect 4GL socket servers and clients with SSL:
  1. On your 4GL socket server, create and configure the private key and certificate store required to identify your socket server as an SSL server.

  2. On your 4GL socket client, create and configure the public key certificate store required to access your SSL server as an SSL client.

  3. Startup and ensure that your 4GL socket server has enabled connections for SSL.

  4. Startup and connect your 4GL client as an SSL client to your SSL server.

  5. Invoke socket operations in SSL sessions.

The following sections describe these tasks.

Copyright © 2005 Progress Software Corporation
 www.progress.com
Voice: (781) 280-4000
Fax: (781) 280-4095