SSL is a Web protocol for establishing authenticated and encrypted sessions between Servers and Clients.
SSL starts with a handshake routine that first establishes a TCP/IP connection.
Next, the server is authenticated to the client by verifying its public key.
Once authenticated, the server selects the strongest cryptographic algorithm supported by both the client and server and within the restrictions enforced by a particular country.
Next, a shared secret key is generated that is used to encrypt all data flowing between the client and server.
Finally, an encrypted SSL connection is established.
As mentioned, all the information that is sent between client and server is encrypted, including all HTTP requests and responses, as well as the URL being requested by clients.
This level of encryption ensures the protection of sensitive information such as credit card numbers, access authorization information (user names), and sensitive data returned by the server.
Because encryption is computationally intensive, SSL sessions are usually only employed when transmitting sensitive information. A typical session goes like this:
1. A user decides to buy something online and clicks a hyperlink called "Buy online through our secure server."
2. The hyperlink establishes an SSL connection. An SSL connection is indicated in the Browser Address field with a URL that starts with "https" instead of "http."
3. Once the transaction is complete, the user clicks another hyperlink to return to the normal HTTP mode and the encrypted SSL session is terminated.
This jumping in and out of secure mode is required to prevent unnecessary encryption of data that reduces performance. However, a user can choose to connect with any SSL-compliant site and obtain full SSL security by typing https in the Address field when entering the URL for the site.
The "s" in the URL tells the client and server to initiate SSL and connect with an SSL port.
SSL is used by a variety of applications to establish secure connections. For example, the IETF’s directory services standard, LDAP (Lightweight Directory Access Protocol), uses SSL to establish secure connections between clients. Other applications may use SSL as well.
A typical Web site is configured with SSL ports and non-SSL ports. SSL uses port 443 by default, although other ports can be configured. Other SSL ports include port 465 (SSL SMTP mail send), port 995 (SSL POP3 mail retrieve), 563 (SSL USENET), and 636 (SSL LDAP).
Since Progress OpenEdge 10.0B SSL is supported for the following Progress products.
- Progress DataBase:
- WebSpeed
- AppServer
- SonicMQ 4GL Adapter
- Web Services
- Client:
- 4GL
- OpenEdge SQL
- Open Client (Java & .NET)
- ESB Adapter
