.NET Open Clients securely connect to ABL application servers using HTTPS (Hypertext Transfer Protocol Secure) connections. This protocol encrypts data sent between clients and application servers. To encrypt the data, the clients and servers must share a certificate. TLS (Transport Layer Security) is configured on the application server by the system administrator. The system administrator supplies the necessary certificate files used to verify that the server is a trusted applications server.

For more information on how to set up server security, see Use TLS in PAS for OpenEdge in Manage Progress Application Server (PAS) for OpenEdge. Client developers must then import the server certificates into their client keystore.

Import server certificates on .NET Open Clients

.NET Open Clients use the .NET Framework certificate management systems.

To import user certificates:

  1. Search for :
    • Manage User Certificates in the Windows Search box for user certificates. The certmgr utility opens.
    • Manage computer certificates in the Windows Search box for computer certificates. The certlm utility opens.
  2. Create or select the folder where you want to store your server certificates.
  3. Right click to select All Tasks... > Import.
  4. Locate and import your certificate.
  5. When clients connect to the application server using HTTPS , the keystore is automatically checked for a valid server certification.

Certificates for development and test systems

OpenEdge ships a small set of root digital certificates from leading industry Certificate Authorities (CAs), with the Open Client Toolkit. These digital certificates are intended only for use during development and test cycles. Production systems should use certificates from a Certificate Authority.

The certificate files included with the Open Client Toolkit are stored in .zip and .jar files called certificate store files, in the DLC/certs directory. Each certificate store file holds several individual root digital certificates and contains one digital certificate list (.dcl file) that lists all certificate files stored in the file.

The individual certificates have one of the following formats:

  • DER — These file types have extensions of .cer and .crt. There is no difference between these types. One file stores one binary certificate.
  • PEM — These file types have extensions of .pem, .txt, and .0. There is no difference between these types. One file stores one or more certificates.

You can use procertm to convert digital certificates between .der and .pem file formats. For more information see Convert digital certificates in Java Open Clients.