Known issues in OpenEdge 12.2.15

Java open client cannot connect to AppServer or a PASOE server using HTTPS if the application server is configured to use the default server certificate and the default certificate is not available in the certificate store of the open client application.This change is likely to impact Java Open Client applications in development environments and production applications that rely on the convenience of the default configuration. This change also affects TLS secured connections from OpenEdge Management to Adminserver, PDSOE to OEM, TLS secured connections from Progress Application Server to OE Auth Gateway, and TLS secured connections from AdminServer to PASOE.

.NET Open Client relies on the TLS implementation that is built into the .NET runtime for HTTPS connections to the OpenEdge application servers. The TLS implementation validation logic provided by .NET requires all certificates presented by a server be properly signed and the complete certificate chain for the the server certificate be available for validation. The ROOT certificate or the web server certificate must be installed into the ROOT certificate trust store for the platform..NET Open Client will not be able to connect to an AppServer or PASOE instance using HTTPS if the application server instance is configured to use the application server certificate that is configured by default for convenience. The default application server certificate must be replaced with a valid server certificate and the ROOT signing certificate must be installed onto the machine of the .NET Open Client application. A self-generated ROOT CA that is installed in the ROOT Certificate store may be used as long as the root’s private key is properly protected. In either case, the ROOT certificate must be installed into the ROOT certificate store.  This change is likely to impact .NET open client applications in development environments and production applications if they rely on the convenience of the default configuration.