Enabling SSL for Java Clients of an AppServer
To make the Java clients (QXI) work with the SSL-enabled AppServer, bundle the public key to psccerts.jar and deploy the public key bundle to the Java clients. 1 Import the public key (for example, 976f8f0c.0) generated for the AppServer into $DLC/certs/psccerts.jar.
a On the AppServer Host, use Progress on the same host as the AppServer and run the following command:
cd $DLC/certs
$DLC/bin/procertm -i 976f8f0c.0 psccerts.jar
b To check whether the key is included in the psccerts.jar file, list all the certificates in the psccerts.jar file. Run the following command:
$DLC/bin/procertm -l psccerts.jar
Note: If the public key certificate with the same alias name exists in the psccerts.jar file, remove it first and import the new one.
2 Deploy the public key bundle to the Java client.
• For a one-tier system, ensure that the psccerts.jar file is in the $DLC/certs directory.
• On a two-tier system that has no Progress installed on the Tomcat host, copy the certs directory containing the public key and paste it to a location on the Tomcat host.
• For multiple connection pools, if the pools use different certificates, ensure that the public key bundle files (psccerts.jar) are stored in different certs directories.