The TLS security in OpenEdge includes default support for digital certificate validation.

Note: By default, all OpenEdge components support TLS 1.2, 1.3. The TLS version used for authentication over connections between OpenEdge clients and servers is decided based on the following scenarios:

  • An unconfigured OpenEdge client uses the default (TLSv1.3,TLSv1.2) to establish a handshake to secure the connection between the OpenEdge client and OpenEdge server. In such scenario, TLSv1.3 takes precedence over TLSv1.2.

    If a secure connection is not established using TLSv1.3, the TLS connection falls back to TLSv1.2 to establish a connection.

  • If the OpenEdge client is configured with TLSv1.3, then the OpenEdge server establishes the connection using TLS 1.3.
  • If the OpenEdge client is configured with TLSv1.2, then the OpenEdge server establishes the connection using TLS 1.2.