The mkhashfile command-line utility provides a simple way to install a root certificate that is authorized by your own internal-use CA, or any CA that can provide you with a PEM-encoded certificate (typically in a file named with the .pem extension). If you are using your own certificate server to provide the certificate, refer to the documentation for the certificate server administration software for information on how to obtain PEM-encoded certificates. After you have the certificate accessible to your OpenEdge TLS client machine, you can use the mkhashfile command-line utility to install it in the OpenEdge root certificate store.

To use mkhashfile to create an entry in the OpenEdge root certificate store for a local PEM-encoded certificate file, vsigntca.pem, specify the file with the mkhashfile command that you enter in the OpenEdge Proenv command window. For example:

proenv>mkhashfile vsigntca.pem

OpenEdge Release 11.4 as of Fri Oct 14 00:15:12 EST 2011

Running SSLC command ...
Copying vsigntca.pem and 18d46017.0 to C:\Progress\OpenEdge\certs
proenv>

The utility generates the entry as a file with an encrypted filename, 18d46017.0, which is the alias used to identify the certificate store entry. You can then manage this entry along with all other entries in the OpenEdge certificate store using the certutil utility. For more information see Use certutil to manage an OpenEdge root certificate store.

For more information on the mkhashfile command-line utility, see mkhashfile