Secure PAS for OpenEdge instances
- Last Updated: February 11, 2026
- 1 minute read
- OpenEdge
- Version 13.0
- Documentation
As a system administrator, you should consider doing the following before
running the production version of PAS for OpenEdge:
- Add a valid key/certificate (SSL/TLS) to your PAS for OpenEdge instance. Do not rely on the private key/digital certificate sent by OpenEdge for testing in production. For more information, see Use TLS in PAS for OpenEdge.
- For server administration, add new users and assign PAS roles
(
ROLE_PSC**). - Provide file system access as described in Manage users and remote access.
- Secure deployed management web applications, see Secure the Tomcat Manager and OpenEdge Manager web applications.
- Use remote access filters to control client IP addresses.
- Enable remote administration and monitoring (if required) as described in Secure online deployment of a new ABL application.
- Understand and implement an ABL application client login model and user account source as described in Enable ABL application authentication.
- Learn how to turn off HTTP.
Note: Never use a PAS for OpenEdge instance created in development mode in a production
environment. Use only PAS for OpenEdge instance created in production mode for
deployment in public facing production environment.
Server security support includes standard Tomcat server functionality, the Spring Security Framework, plus OpenEdge security features and customizations.