A customer is using Net Express 5.1 and the Interface Mapping Toolkit (IMTK) Client Generation Tool to create a Web Service client program in COBOL from a 3rd party WSDL file.  The Web Service uses SSL so the Net Express 5.1 Security Addpack has been installed and configured.  When the customer runs the Web Service client it returns a 0008 Communications Error which normally means that the SSL is not setup correctly on the workstation.  How can the customer test his computer to ensure that SSL security is setup correctly outside of running the Net Express client program?

There is a program called openssl.exe which is installed as part of the Net Express Security Addpack that resides in the C:\\Program Files\\Micro Focus\\DemoCA folder. This is an open source implementation of an application that can be used to test if security is working correctly on your workstation.

From a net express 32-bit command prompt make the DemoCA folder your default folder and then execute the following command:

    openssl s_client -cert clicert.pem -key clikey.pem  -connect your-webservice-address.com:443  -showcerts -CAfile private\\CARootcert.pem

this uses the openssl command to check the ssl connection between the client and server computer using your certificate file.
your-webservice-address.com:443 should be replaced with the actual name of your web service as it appears in the generated Net Express client program.

If you imported the client certificate into a file then you need to point to this file with -cert and likewise the key file that you used should be pointed to by -key option.

This will display information regarding the connection to the web service and the verification of the certificate that you are using.

When the openssl command works correctly then so should your Net Express client program.