Support of SSL cleint certificate - Forum - Community Groups - Progress Community

Support of SSL cleint certificate

 Forum

Support of SSL cleint certificate

  • Are there any plans to support the SSL client certificate in a coming release of OpenEdge?

    Thanks in Advance and Best Regards, Richard.

  • Hi Richard,

    maybe it's a good idea to refrerence the original discussion here:

    http://communities.progress.com/pcom/message/157376#157376

  • Anybody?

    Thanks and Best Regards, Richard.

  • Is there any information available on how Progress does / will /can OR don't / won't / can't support the SSL client certificate in OpenEdge?

    We are now at the the point where we need to make decisions about the future development, whether we can continue developing applications with OpenEdge or whether we must switch to a Java / Oracle based solution and migrate the existing applications due to unacceptable risks in not being able to do strong authentication with OpenEdge.

    Any input is very much appreciated.

    Thanks in Advance and Best Regards, Richard.

  • Any feedback about if/when this might be implemented?

  • I have asked/forwarded this thread to our product management team... but due to Thanksgiving I'm not sure we'll be able to get back to you today... I'm confident PM will answer back early next week.

  • We have this on our backlog of enhancement requests, and it is marked as a medium high priority (high priority items are those that are considered ship / no ship criteria, i.e. we would not ship the release unless the feature was implemented). At the moment our goal is to implement SSL Client authentication in the ABL that makes use of the clients digital certificate in the next OpenEdge release.

    The usual caveats apply- this statement is not a commitment that we will deliver this functionality in the timeframe mentioned.

  • What happened to this Enhancement ?   is it implemented ?   where is the Enancement (Idea ) ?  now days ?

  • Yes, SSL Client Authentication was implemented in OpenEdge 11.4.

    Please go through the following Kbase for more information:

    knowledgebase.progress.com/.../P100618

    Or you can find information in OpenEdge documentation also.

  • Great thanks!  Do you know if it is implemented in regular ABL client/appserver to ?  (not just Web Services)  (ie for the appserver agent to get info from the client certificate)

  • 1) Client authentication only implemented in ABL client to access SOAP service and it is not there for ABL client.

    2) Yes client connection can be used if any appserver agent connecting/accessing external SOAP service.