The default key and certificates installed with OpenEdge support an TLS server identity that is common to all OpenEdge installations. These are appropriate for use on an intranet where TLS server authentication is not required, but where you still want to maintain data privacy over protected connections with a minimum of management. In other words, the default server identity is an easy-to-use TLS solution. Its primary purpose is in demonstrations and development environments, but you can also use it in intranet situations. For intranet production purposes and for use on the Internet, Progress Software Corporation recommends that you use a public or private CA-issued server digital certificate.

To use the default server identity with any OpenEdge server, you need only configure it to use TLS. OpenEdge automatically uses the keystore alias, "default_server", and the default password, "password", unless you specify otherwise.

You can also update the default_server entry with a new trusted CA server certificate, adding effective server authentication to your default intranet TLS environment. If you use the same default password, you do not need to change any default server configurations for this update.

Note: The default_server identity installed with OpenEdge expires in the year 2035 to minimize any concern with its valid lifetime.