Release 10.1A: OpenEdge Getting Started:
Core Business Services
Establishing SSL server identity
OpenEdge supports two basic options to establish an SSL server identity:
- Using the default SSL server identity — A common built-in SSL server identity installed with OpenEdge.
- Managing your own SSL server identity — A unique server identity authenticated by a public or private Certification Authority (CA).
For each key store entry on an SSL server, you provide a unique, password-protected alias name in the OpenEdge key store; and for each corresponding root certificate store entry on an SSL client, the SSL management software generates a unique alias name (not password protected) in the OpenEdge certificate store.
A given server identity has a specified lifetime when it is valid. You therefore must update the key store entry for that identity with a new server public-key certificate that is authenticated by a trusted CA when the current certificate expires. At this time, you must also verify that the SSL client’s root certificate store still contains a valid root digital certificate for the newly issued SSL server digital certificate and update it if necessary.
The following sections describe these options.
|
Copyright © 2005 Progress Software Corporation www.progress.com Voice: (781) 280-4000 Fax: (781) 280-4095 |