Once the HTTPS (TLS) certificates and client-key are installed, they should be tested to ensure that the PAS for OpenEdge instance can connect to the OpenEdge Authentication Gateway. To test the connection:

  1. Test access to the installed Authentication Gateway client-key with the stskeyutil verifycommand. For example:
    oe_install_dir/bin/stskeyutil verify -file oeagserverkey.ecp -info

    Successful verification is indicated by the following message:

    Server key validation success
  2. After verifying that the Authentication Gateway is running, test HTTP connectivity to the OEAG server ( ensure the server is running before you do this )
    oe_install_dir/bin/stsclientutil -cmd ping -url https://oeagd-dns-name:oeag-port-number  [ -nohostverify ]
    Note: Only use -nohostverify when connecting to an Authentication Gateway that is using the OpenEdge-supplied default server certificate, which is used in application development or testing situations but not for actual application deployment.

See STS Key Utility (stskeyutil) and STS Client Utility (stsclientutil) for more information about these utilities and their command-line options.