PAS for OpenEdge and OpenEdge Authentication Gateway: Domain configuration
- Last Updated: January 26, 2026
- 2 minute read
- OpenEdge
- Version 12.8
- Documentation
PAS for OpenEdge and OpenEdge Authentication Gateway: Domain configuration
- Be enabled for user authentication
- Have access to a valid set of user accounts
- Be part of an OpenEdge domain configuration that is enabled for run time
user ID can be established.Domain access codes are used by the PAS for OpenEdge and Authentication Gateway servers to create client-principal objects. In OpenEdge 12, the ability to configure domain access codes in the PAS for OpenEdge and Authentication Gateway configuration properties file is no longer supported. Instead, you must explicitly define domain access codes in a CSV file, which is encrypted into the domain registry keystore, domains.keystore.
For more information, see Configuring domain access codes in OpenEdge Getting Started: OpenEdge Authentication Gateway Guide. If you use the properties file to configure the domain access code, the server instances will not start.
Explictly defining domains and their access codes is the default functionality in Release 12 of OpenEdge Authentication Gateway. Consequently, the domain access code ‘key’ property is removed from the sts.properties file.
- Uses only the default settings, then no upgrade is required.
- Uses a domain registry keystore (with a list of domains and
their access codes defined), then generate the registry keystore again.
To generate the keystore, use the gendomreg utility in Manage OpenEdge Keys and Certificates.
- Allows multiple domains, but uses the default blank domain access code to seal client-principal objects, then you must remove the ‘key’ property from the sts.properties file and use the OpenEdge domain registry keystore file.