Skip to main contentSkip to search
Powered by Zoomin Software. For more details please contactZoomin
Progress DocumentationProgress Documentation
Progress Documentation
  • Home
  • Home
  • EnglishČeštinaDeutsch (Germany)Español (Spain)ФранцузскийItaliano (Italy)Português (Brasil)日本語Русский (Russia)中文 (简体) (China)中文 (繁體, 台灣) (Taiwan)ar-AR
  • Login

Introduction to OpenEdge Management

Set up secure communication-related security for a remote AdminServer

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
Table of Contents
  • Introduction to OpenEdge Management
    • More about the Management Console
      • Access the Management Console
      • System requirements
      • Browser support
      • Accessing OpenEdge Management documentation
    • Understand OpenEdge Management architecture and deployment
      • OpenEdge Management system architecture
      • OpenEdge Management deployment
        • Deploy OpenEdge Management on a single host
        • Deploy OpenEdge Management on multiple hosts
    • Use AdminServer
      • OpenEdge products supported by the AdminServer
      • Start the AdminServer
      • Stop the AdminServer
      • Query the AdminServer
      • Change the default AdminServer port
      • RMI interface for AdminServer communication
        • Enable remote RMI interface for AdminServer communication
      • Run multiple AdminServers
      • AdminServer authorization and authentication
        • Set authentication to start AdminServer-controlled servers
        • Set authentication to access AdminServer administered sub-processes
      • AdminServer logging details
        • AdminServer log format and contents
      • AdminServer utilities
        • ADMSRVC
        • PROADSV
      • AdminServer configuration properties
        • PAS manager properties file
    • Configure or monitor resources on a remote AdminServer
      • Configuring remote resources with OpenEdge Explorer
      • Configure and monitor remote resources with OpenEdge Management
      • Resources that support remote monitoring
      • More about monitoring scripted and managed databases
        • Monitor a scripted database through a remote-enabled AdminServer
        • Monitor a managed database through a remote-enabled AdminServer
        • Monitor scripted databases outside the AdminServer running OpenEdge Management
    • Choose an OpenEdge Management deployment strategy
    • OpenEdge Management CPU and memory requirements
      • CPU use
      • Memory use
    • Optionally configuring the OpenEdge Management Trend Database
    • Get started with OpenEdge Management tasks
  • Set Up OpenEdge Management for the First Time
    • Prepare to set up OpenEdge Management
      • Use the management console
      • Use the Database Administration Console
    • Complete the initial setup process
      • Setting up OpenEdge Explorer
      • Set up OpenEdge Management
    • Start OpenEdge Management
      • Enter the default user name and password
    • Choose initial configuration options
      • Setting initial configurations for OpenEdge Explorer
      • Set initial configurations for OpenEdge Management
        • Specify the administrator password
        • Specify the location of the OpenEdge Management Trend Database
        • Specify the OpenEdge Management e-mail server and default operator
        • Submit the OpenEdge Management Configuration page
    • Set up the Getting Started page for OpenEdge Management
    • Understand managed and scripted databases
    • Define OpenEdge Management monitors for previously scripted databases
      • Add a managed database
      • Make changes to a managed database configuration
    • Define OpenEdge Management monitoring and trending options for file systems and disks
    • Submit the Getting Started page for OpenEdge Management
  • Use the Resources Tab
    • Customize the Resources view
    • Check resource status and alert severity
    • View the contents of a AdminServer
  • Set up Remote Resource Monitoring and Configuration
    • Remote monitoring and configuration requirements
    • Prepare to enable remote monitoring and configuration
    • Set up for remote monitoring or configuration
    • Set up a remote AdminServer
      • Verifying that OpenEdge Management can see the remote AdminServer
    • Disabling remote monitoring of a remote AdminServer
  • Administer OpenEdge Management
    • Update configuration options
    • Add users as administrators or operators
      • Manage the authorized users list
      • Add a new user
      • Change passwords and descriptions
      • Change the administrator password
      • Delete users
    • Customize the operator role
      • Manage access to the Database Administration Console
    • Configure user authentication
      • OpenEdge Authentication Gateway authentication
        • Support for multiple domains
        • Access OpenEdge Management resources
        • Limitations to access OpenEdge Management pages
      • Configure user authentication for web server logins
        • Validate authentication tokens
    • Set OpenEdge Management user preferences
    • Set up a remote AdminServer
      • Add a remote AdminServer manually
      • Add an automatically discovered remote AdminServer
      • View a remote AdminServer
      • Edit a remote AdminServer
      • Delete a remote AdminServer
      • Set up secure communication-related security for a remote AdminServer
      • Enable auto-discovery feature for remote AdminServer
      • Configure INI authentication for AdminServer and OpenEdge Management communication
        • Generate and apply Shiro-encrypted password for INI authentication
        • Enable INI authentication for the AdminServer
        • Add or update the AdminServer credentials in OpenEdge Management
    • Change general configuration settings
    • Change OpenEdge Management Trend Database settings
    • Change OpenEdge Management e-mail alerts settings
    • Change OpenEdge Management resource monitoring settings
    • Set the OpenEdge Management graph cache
    • Configure process pooling
      • Process pooling modes
      • Set process pooling options
        • Modify the process pooling port before initial startup
      • Create a new process pooling configuration
      • Delete a custom process pooling configuration
    • Set OpenEdge Management resource monitor defaults
    • Set OpenEdge Management distribute resource properties
    • Change the OpenEdge Management SNMP Adapter settings
    • Use the command-line interface
    • Set the log level for the AdminServer log file
    • Configure OpenEdge Management log files
  • Set Up Secure Communications
    • Transfer data securely with the HTTPS protocol
      • Use the demo certificate or your own certificate
    • About common secure communication-related terminology
    • Get started: using the demo certificate
      • Configuration update errors or warnings
      • Identify trusted clients
      • Reconnect after updates
    • Change web server settings
      • Use advanced HTTP and HTTPS options with the web server
    • Use secure communication
      • Detect a certificate from an unknown Certificate Authority
      • When browsing in Internet Explorer
        • Install a certificate in Internet Explorer
    • Use your own certificate
    • Use the keytool utility
      • Step 1: Create a keystore
      • Step 2: Generate a Certificate Signing Request
      • Step 3: Import the CA Certificate
      • Step 4: Import the signed certificate to the keystore
  • Fathom Command-line References
    • Use Proenv
    • Access help (help)
    • Start OpenEdge Management (start)
    • Stop OpenEdge Management (stop)
    • Check status (query)
    • Restart OpenEdge Management (restart)
    • Display configuration information (configinfo)
    • Clear an alert (clear)
    • Enable a resource (enable)
    • Disable a resource (disable)
    • List alerts (alertlist)
      • Additional options
    • Fire an alert (firealert)
    • Dump configuration database (dump)
    • Load configuration database (load)
    • List resources (reslist)
    • Initialize new database (initcachedb)
Table of Contents

Set up secure communication-related security for a remote AdminServer

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
Print
  • Last Updated: February 11, 2026
  • 2 minute read
    • OpenEdge
    • Version 13.0
    • Documentation

Set up secure communication-related security for a remote AdminServer

You can set up secure communication-related properties for a remote AdminServer to ensure that communication between OpenEdge Management and a remote AdminServer is secure. For more information on setting up a remote AdminServers, see Set up a remote AdminServer.

The following table lists all the properties in management.properties file at the %DLC%\properties location:

Property Description
sslEnable Default value: 0

Enables you to set the cryptographic protocols and ciphers for secure communication with a remote AdminServer. To set the default cryptographic protocols and ciphers for the remote AdminServer, set this property value to 1. You must reset the remote AdminServer and OpenEdge Management for the setting to take effect.
enabledProtocols Default value: TLSv1.3

Supported values: TLSv1.2 and TLSv1.3

If you want to change the default cryptographic protocol for the remote AdminServer, enter this property in the management.properties file. The property accepts a comma-separated list of valid cryptographic protocols that are set for secure communication.
enabledCipherSuites

If you want to change the default cryptographic protocol for the remote AdminServer, enter this property in the management.properties file. The property accepts a comma-separated list of valid cryptographic protocols that are set for secure communication.
tcpEnable Default value: 1

Enables unsecure connections to remote AdminServer.

To disable it, set the property value to 0. This only affects the TCP connection for incoming management connections. It does not affect TCP connections for outgoing OpenEdge Management connections to a remote AdminServer.
sslPort Default value: 7278

Specifies the port using which OpenEdge Management receives the incoming secure connections
port Default value: 6835

Specifies the port using which OpenEdge Management receives non-secured connections
keyAlias Default value: default_server

Specifies the alias set for a private-public key.If this property is not set, the server certificate alias that is provided by OpenEdge is used.
keyAliasPasswd Default value: -NA-

Specifies the password set for the alias of the private/public-key. This password is expected to be encoded. You can use the OpenEdge provided genpassword utility for encoding your passwords. For information about the genpassword utility, see Manage OpenEdge Keys and Certificates.

If this property is not set, the password of the default alias that is provided by OpenEdge is used.
keyStorePath Default value: -NA-

Specifies the key store location. If this property is not set, the default value is $DLC/keys.
keyStorePasswd Default value: -NA-

Specifies the password used for accessing the custom keystore. This password is expected to be encoded. You can use the OpenEdge provided genpassword utility for encoding your passwords. For information about the genpassword utility, see Manage OpenEdge Keys and Certificates.
noHostVerify Default value: 0
When set to 1, OpenEdge Management disables host verification when connecting to a remote AdminServer that has a private key.
Note: This property is no longer supported in the management.properties file. To enable or disable the host verification, add the fathom.verifyHostName property to the catalina.properties file and set its value accordingly.

The following table describes the fathom.verifyHostName property that you have to add to the catalina.properties file at the $oemgmt/conf location:

Property Description
fathom.verifyHostName Default value: True

Specifies whether the hostname verification is required or not.

  • When you set this property to True, the hostname is verified. You have to create your own certificates to establish communication between OpenEdge Management and the remote AdminServer.
  • When you set this property to False, the hostname verification is skipped. You can use default certificates to establish communication between OpenEdge Management and the remote AdminServer.

Using the secure communication properties, you can implement secure communication for the Remote AdminServers in the following ways:

  • Without private key information: This is the basic and default secure communication configuration used when you set up a cryptographic protocols-enabled Remote AdminServer in the Remote AdminServer Configuration page. Using this configuration, you are using the OpenEdge-provided server certificate from the certificate store. This configuration does not require any private key information.

    This is the recommended setting for testing the secure communication configuration of a remote AdminServer.

  • With private key information for the Remote AdminServer: Using this configuration, you can create and store your server certificate on the server side for OpenEdge Management to connect to the remote AdminServer and validate the private key provided by the remote AdminServer.

    You must perform the following steps to configure a cryptographic protocol-enabled remote AdminServer with private key information on the remote AdminServer:

    1. Generate a private-public key pair and certificate for the remote AdminServer that requires secure communication. You can use OpenEdge-provided utilities for generating the key and certificate. For more information about managing the OpenEdge key and certificates stores, see Manage OpenEdge Keys and Certificates.
    2. Open the management.properties file from $DLC\properties and edit the properties to point to the private-public key pair and certificate information.
    3. Restart OpenEdge Management for the settings to take effect.
  • With private key information for the remote AdminServer and OpenEdge Management: In this configuration, you create and store your server and client certificates in OpenEdge Management and remote AdminServer, respectively, for OpenEdge Management to connect to the remote AdminServer. You must validate the private key provided by the remote AdminServer on a OpenEdge Management end, and validate the private key provided by OpenEdge Management on a remote AdminServer end.

    You must perform the following steps to configure an cryptographic protocol-enabled remote AdminServer with private key information on the remote AdminServer:

    1. Generate a private key and certificate for the remote AdminServer and OpenEdge Management for secure communication. You can use OpenEdge-provided utilities for generating the key and certificate. For more information about managing the OpenEdge key and Certificates Stores, see Manage OpenEdge Keys and Certificates.
    2. Open the management.properties file from $DLC\properties and edit the properties to point to the private-public key pair and certificate information.
    3. Configure the remote AdminServer to authorize the private key information that it receives from OpenEdge Management.
    4. Restart OpenEdge Management and the remote AdminServer for the settings to take effect.
TitleResults for “How to create a CRG?”Also Available inAlert