Secure Sockets Layer
Overview
In BBj 4.0 and higher, and in PRO/5 5.0 and higher, data access over a network is secure. Using the normal data connection, it is possible for an informed attacker to "sniff" the network and see data from the server as it accessed. This is clearly a security problem if the data is sensitive and the network cannot be trusted. Secure Sockets Layer (SSL) solves this potential problem by encrypting all data passed over the network.
By enabling SSL on the server, clients can read and write data without having to worry about the security of the data or network as a whole. However, the added encryption overhead results in slower network access. The security trade-offs must be evaluated on a case-by-case basis. For example, a user might run both a SSL and non-SSL server and access different data from the two servers.
Note: PRO/5 's SSL implementation uses OpenSSL (www.openssl.org) BBj uses Java's built in SSL library.
PRO/5 -specific Help Topics
To enable SSL on PRO/5 Data Server for
-
Windows NT – see Configuring and Starting the Data Server-Windows NT
-
UNIX – see Command Line Options - UNIX Data Server
BBj-specific Help Topics
To enable SSL on various BBj servers, see Configuring BBjServices via the Enterprise Manager. For a comprehensive overview of SSL implementation in BBj, refer to Socket Overview.
To connect to an SSL-enabled
-
File server – see PRO/5 Files and Devices
-
BBj SQL server – see Creating System Or User Data Sources with the Windows ODBC Administrator and the Connecting Using the JDBC Driver