Uniface Anywhere provides support for both Transmission Control Protocol (TCP) and Secure Socket Layer (SSL) as methods for communication between Windows and Uniface Anywhere Hosts.
Host Administrators can optionally encrypt all data transmitted between the client and the host. This includes the client’s user name and password, which are supplied during logon, and any application data submitted by the client or returned by the host.
When TCP transport mode is selected, Uniface Anywhere uses 56-bit DES encryption by default setting. The DES key is exchanged using RSA Public-Key Cryptography Standards. The RSA keys are 512-bits.
When selecting the SSL transport mode:
Changing the Transport Protocol and its Encryption can be done on the Uniface Anywhere Host by the UA Administrator in the UA Cluster Manager / Admin Console - Tools - Host Options... - 'Security' Tab page.
You can obtain a certificate from a trusted Certificate Authority (CA) such as Verisign or Thawte, or you can create your own certificate authority and then sign your server certificates from this authority. Wildcard SSL certificates are also supported.
In the , you'll find the next chapters (starting at page 42) on how to create certificates that can be used by Uniface Anywhere:
Be notified that Uniface Anywhere can only support Certificates in the PEM format. It happens that systems or third-party CA's deliver certificates in the DER format.In the Uniface Anywhere Administrator Guide, you can find a procedure to convert DER formatted files to PEM formatted files using Openssl.
When using Trusted Server Certificate or Intermediary Certificate, then the files 'server.crt' and 'server.key' are required.The server key and certificate files (e.g., server.key and server.crt) must have the same base filename and be located in the same directory on the Uniface Anywhere Host.
When using your Own Certificate Authority (self signed certificates) you will also need file 'ca.crt' in the same directory on the Uniface Anywhere Host.
All these files need to be copied in a directory on the target server that can be accessed from the System account but cannot be accessed from the accounts of users who will sign in to the host.
77 4th AvenueWaltham, MA 02451 USA
Rocket Support Community
All Support Offerings
About Rocket Software
Training and Services
Forum Terms and Conditions
Contact Forum Moderator