You can use HTTPS (implemented with TLS) to securely connect a client to and communicate with PAS for OpenEdge. HTTPS provides data privacy over network connections and authentication between clients and servers on those connections using elements of Public Key Infrastructure (PKI). These elements include digital certificates, and both private and public keys, that the clients and servers use to authenticate each other and to set up data encryption and decryption services between the initiator of the communications (TLS client) and the responder (TLS server).

The server is identified by the private key that it stores and the client is identified as a valid TLS client for that server by the public key that it stores and provides to the server. TLS clients gain access to public keys using digital (public key) certificates provided by a trusted certificate authority (CA) that also provides the private key confidentially to the HTTPS server. You can use Tomcat tools to manage these certificates and private keys for a PAS for OpenEdge instance. For more information, see the sections on HTTPS support in the Manage Progress Application Server (PAS) for OpenEdge and the Apache Tomcat documentation on managing the certificate and key store using the keytool command-line utility.

OpenEdge uses the certutil command-line tool to manage public key certificates for ABL clients. The client can then connect to a corresponding PAS for OpenEdge instance using an HTTPS URL. For more information on managing the public key certificates using certutil, see the sections on managing OpenEdge key and certificate stores in Manage OpenEdge Keys and Certificates. For information on connecting to PAS for OpenEdge from an ABL client using HTTPS, see the sections on using the -URL connection parameter in Establishing a connection with the CONNECT( ) method.

You use Microsoft tools to manage public key certificates for .NET Open Clients and use the OpenEdge procertm command-line tool to manage public key certificates for Java Open Clients. The Open Client connects to a PAS for OpenEdge instance using an HTTPS URL very similar to an ABL client. For more information on managing public key certificates for .NET clients, see the information on managing certificate stores in the Microsoft .NET documentation. For more information on managing public key certificates for Java clients, see the information on managing certificate stores in Java Open Clients. For information on connecting to a PAS for OpenEdge instance from an Open Client, see the sections on connecting to a server using HTTPS in Learn about Open Clients, and Connection URL syntax for the APSV transport in this manual.