The Progress OpenEdge JMS Adapter supports Transport Layer Security (TLS) for secure communication between the adapter and client applications, such as ABL applications. You enable the TLS configuration for the adapter by updating the ubroker.properties file. This file stores configuration definitions for instances of multiple OpenEdge products, including the JMS Adapter.

To enable TLS for the JMS Adapter, perform the following steps:
  1. Navigate to the $DLC/properties directory, where $DLC is the OpenEdge installation directory, and open the ubroker.properties file in a text editor.
    Note: Progress recommends that you use the mergeprop utility to make property changes in the file.
  2. Locate the Adapter section and update the following set of TLS properties to enable TLS for the JMS Adapter:
    Property Description
    sslEnable Specifies whether to enable TLS for secure connections between the JMS Adapter and client applications. The default value is 0.

    Set the value of this property to 1 to enable TLS for incoming client connections.
    keyAlias Specifies the alias set for a private/public key used in TLS connections. If this property is not set, the default server certificate alias, which is default_server, that is provided by OpenEdge is used. If you are using custom server certificate, set this property to the corresponding alias for your certificate.
    keyAliasPasswd Specifies the encoded password set for the alias of the private/public key to access the private key/digital certificate of the server in the keystore.

    You can use the OpenEdge-provided genpassword utility for encoding your passwords. JMS Adapter supports only the passwords encoded with the ae2 prefix.

    For more information on the genpassword utility, see genpassword.

    The default value is

    ae2h4::f303b4b751e7672938ecc4a60035c6bf51a67fa1e548839e3428b6c4cf4728ab943c17b0a236ad8b3ec4224250b05363
    keyStorePath Specifies the key store location. The default value is $DLC/keys.
    noSessionCache Specifies whether to enable TLS session caching.

    The default value is 0. The valid values are:

    • 0- Enables TLS session caching and session details are stored.
    • 1-Disables TLS session caching and session details are not stored.
    certStorePath Specifies the path to the trusted certificate store that contains the root certificate of the Certificate Authority (CA) that was used to sign the server certificate. The default value is $DLC/certs/.
    sslAlgorithms Specifies the list of TLS algorithms that the server and client use to negotiate and establish a secure TLS connection.
  3. Save the changes and start the JMS Adapter. For more information, see Start the Progress OpenEdge JMS Adapter.