Application network security using TLS

OpenEdge supports data privacy and client/server authentication over connections between OpenEdge clients, servers, and middleware using the Transport Layer Security (TLS). This TLS support works at two levels of networking:

• Secure Internet access—Using OpenEdge middleware and third-party Web servers or Java Servlet Engines (JSEs) to secure Internet connections between an OpenEdge client and server component using HTTPS (HTTP tunneled through TLS)
• Secure intranet access—Securing direct connections between OpenEdge client, middleware, and server components using an OpenEdge implementation of TLS (TCP/IP tunneled through TLS)

Depending on the OpenEdge components involved, Internet and intranet TLS can be used alone or together to provide combinations of security options for certain OpenEdge client and server connections.

As you might know or have surmised from the basic functionality provided by this security option (data privacy and client/server authentication), TLS fundamentally relies on various forms of data cryptography that are specially organized to provide this connection security. To help understand the scope and impact of using TLS with OpenEdge, this manual describes this security option at several levels starting with the technical foundations and basic terminology required to understand and describe TLS itself as well as its role in OpenEdge.

For information on:

• The foundation technologies and terminology for TLS, see Public Key Infrastructure (PKI)
• The features and functions of TLS, see Public Key Infrastructure (PKI)
• How OpenEdge uses TLS to secure its client, server, and middleware components, and how to configure these components to use TLS, see Transport Layer Security (TLS)
• How to prepare the OpenEdge platform environment to use TLS, see the sections on managing OpenEdge key and certificate stores in Manage OpenEdge Keys and Certificates