To have a secure connection between the REST Web application and the AppServer, the following conditions must be met:

  • You must obtain and install public key certificates for the host machine in which the OE Web Server resides.
    Note: You can add any additional public certificates to psccerts.jar (located in WEB-INF/lib folder and contains all the certificates for the REST Web application required to connect to the OpenEdge AppServer) using the certutil.bat. If you do not want to use pscerts.jar, you can uncomment the property certlocation in the REST Web application's web.xml file.
  • The REST Web application must send TLS requests to the AppServer to process the client requests. To configure the service to send TLS requests, set the value of the ApplicationService Protocol property to AppServerS or AppServerDCS. For more information on setting properties for REST Web Applications, see Set OE Web Server application properties .
  • The AppServer must be TLS-enabled, meaning that it accepts TLS requests from the OE Web Server (or other clients). OpenEdge supports Transport Layer Security (TLS)-enabled communications between the Web server where the REST Management Agent runs and a Web server client. To achieve this, you must enable the REST Web application for HTTPS (TLS) connections. For more information on enabling TLS, see Viewing or modifying AppServer broker properties.

For details on TLS support in OpenEdge, including configuring and operating a client of an TLS-enabled AppServer, see OpenEdge Getting Started: Core Business Services - Security and Auditing.