Release 10.1A: OpenEdge Getting Started:
Core Business Services


Accessing an SSL server’s X.500 Subject Name

Most user-programmable OpenEdge SSL clients, including the Progress 4GL clients, .NET Open Clients, and Java Open Clients, provide a mechanism for you to access the authenticated SSL server name of most SSL servers directly involved in an SSL connection. The SSL server name is the X.500 Subject name in the SSL server certificate used to authenticate the SSL server to the client. This name is distinct from, and often different from, the network host name of the computer on which the SSL server runs.

For Internet connections, where the immediate SSL server is the Web server and not necessarily the final server endpoint for the client, the SSL server name returned is that of the Web server. This is true even if the Internet client ultimately accesses an AppServer that is accessed as an SSL server by middleware provided, for example, by the WSA or AIA.

This feature is useful when you must disable SSL server host name verification (see Table 7–3) but still want the application to verify the connected SSL server. With host name verification disabled, after each SSL connection to a server you can use this feature to access the SSL server name and verify it manually against an internal list of acceptable SSL server connections.

Table 7–5 describes the mechanisms that the supported, programmable OpenEdge SSL clients provide for accessing the SSL server name and indicates where you can find more information about them.

Table 7–5: Mechanisms for accessing the SSL server X.500 Subject name

| This SSL client component... | Uses this mechanism... | To access the SSL server name as described in... |
|---|---|---|
| Progress 4GL database client | SSL-SERVER-NAME function. | |
| Progress 4GL client of an AppServer, Web service, or socket server | SSL-SERVER-NAME attribute on the AppServer, Web service, or server socket handle. | |
| .NET Open Clients | _GetSSLSubjectName() common Open Client object method. | |
| Java Open Clients | _getSSLSubjectName() common Open Client object method. | |
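
The manual check against an internal list, sketched for a Java Open Client as an added example that is not part of the OpenEdge documentation: it compares the whole subject name, parsed with the JDK's LdapName class, rather than searching for a substring. It assumes that the string returned by _getSSLSubjectName() is an RFC 2253-style distinguished name; the class name and all sample names are constructed.

```java
import java.util.ArrayList;
import java.util.List;
import javax.naming.InvalidNameException;
import javax.naming.ldap.LdapName;

/** Added example: allowlist check for an SSL server's X.500 Subject name. */
public class SubjectNameAllowlist {
    private final List<LdapName> allowed = new ArrayList<>();

    /** Parses the internal list once; a malformed allowlist entry is a configuration error. */
    public SubjectNameAllowlist(List<String> allowedSubjects) throws InvalidNameException {
        for (String subject : allowedSubjects) {
            allowed.add(new LdapName(subject));
        }
    }

    /**
     * Returns true only when every RDN of the presented name matches an allowed entry.
     * LdapName.equals ignores attribute-type case, value case and surrounding spaces,
     * so formatting differences do not matter but extra or missing RDNs do.
     * Null, empty and unparseable names are rejected (fail closed).
     */
    public boolean isAllowed(String subjectName) {
        if (subjectName == null || subjectName.isBlank()) {
            return false;
        }
        try {
            return allowed.contains(new LdapName(subjectName));
        } catch (InvalidNameException e) {
            return false;
        }
    }

    public static void main(String[] args) throws InvalidNameException {
        // Constructed allowlist entry; a real deployment loads its own internal list.
        SubjectNameAllowlist list = new SubjectNameAllowlist(
                List.of("CN=appserver1,OU=Orders,O=Example Corp,C=US"));
        // Constructed stand-ins for the value a Java Open Client object would
        // return from _getSSLSubjectName() after connecting.
        String[] presented = {
            "cn=AppServer1, ou=Orders, o=Example Corp, c=US", // same name, other formatting
            "CN=appserver10,OU=Orders,O=Example Corp,C=US",   // contains the allowed CN as a prefix
            "CN=appserver1,O=Example Corp,C=US",              // OU missing
            "not a distinguished name"                        // unparseable
        };
        for (String name : presented) {
            System.out.println((list.isAllowed(name) ? "ACCEPT  " : "REJECT  ") + name);
        }
    }
}
```

When the check rejects a name, the application should drop the connection before sending any request data over it.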


Copyright © 2005 Progress Software Corporation