Salesforce

How to setup SSL for the AIA?

Printable View
« Go Back

Information

 
TitleHow to setup SSL for the AIA?
URL NameP151000
Article Number000132034
EnvironmentAll Supported Operating Systems
Progress 9.x
OpenEdge 10.x, 11.x
Question/Problem Description
How to setup SSL for the AIA?
How to setup SSL for the AppServer Internet Adapter?
Steps to Reproduce
Clarifying Information
Error Message
Defect Number
Enhancement Number
Cause
Resolution
The AIA acts as an intermediary between the AppServer or BrokerConnect and clients that must access the server over the Internet.

An application session involves two distinct connections, each of which is configured separately with respect to security.

 

The first connection is Internet-based between the client and the AIA.
For this connection to be secure, the following conditions must be met:

 

  • The client must use HTTPS protocol to send requests.
  • The AIA must be HTTPS-enabled; that is, it must be configured to accept HTTPS requests from
    clients (via the Java Servlet Engine (JSE) or Web server).

To configure the AIA to accept HTTPS connection requests, the value of httpsEnabled must be set to 1 (default is 0 -- off). 

 

This can be enabled by checking the HTTPS enabled box in the General properties category in the Progress Explorer,
or by manually editing the ubroker.properties file to set httpsEnabled=1.

 

 

 

The Java Servlet Engine or Web server must support server authentication.

Supporting server authentication requires that X.509 digital certificates be installed on both the Web server (or JSE) and the client machine.
Each Java Servlet Engine,JSE

At each Web server to be accessed, a server certificate that uniquely identifies this Web server must be installed.

As part of the SSL protocol, this server certificate is sent from the Web server to the client.
 

The second connection is via AppServer protocol between the AIA and the AppServer or BrokerConnect.
For this connection to be secure, the following conditions must be met:

 

  • The AIA must be SSL-enabled, meaning that it sends SSL data to the AppServer or
    BrokerConnect that is to process the client requests. To configure the AIA to send SSL
    requests, you set the property sslEnable=1. You set this property by checking the Enable
    SSL AppServer connections box in the SSL properties category in the Progress Explorer
    or by manually editing the ubroker.properties file. In addition, you must obtain and
    install public key certificates for the AIA host machine.
  • The AppServer or BrokerConnect must be SSL-enabled, meaning that it accepts SSL
    requests from the AIA (or other clients). You set the property sslEnable=1 by checking
    the Enable SSL Client Connections box in the SSL General properties category in the
    Progress Explorer, or by manually editing the ubroker.properties file. You must also
    obtain and install a server private key and public key certificate and set additional SSL
    server properties.
Workaround
Notes
References to Written Documentation:

Online Documentation:
OpenEdge® Application Server:  Administration

Keyword Phrase
Last Modified Date9/13/2015 4:21 AM
Powered by