We do have some potential need where several application running on same database/server need to post REST call using SSL (TLSV1.2) session (HTTPS URL with client authentication required), each of the application having a different key/cert. Had a quick look on openedge.net.pl doc and haven't found any particular option which could allow us to choose something else than the default openedge cert/store. What we would like is something somehow similar as OPENSSL feature which let you initiating a SSL session with any key/certificate you specify as part of available option
This remains something we need ONLY when our application consume services from 3rd part application.
What comes to the services we currently exposed we're ok with the eg different PASOE instance which enable us to use any key/cert per HTTPS port.
We're currently running a mix of 11.5/11.6.3 and shall start our migration to 11.7 soon.
Thanks Peter ! OE.net not supporting mutual authentication is pretty bad news. This basically means that not any of our client will be able to consume service requiring client authentication. I'm defintelely supporting that improvement for sure. We unfortunately can rely on OAG as we're having lot of non progress client and I've understood OpenEdge can only support now propritary token.
Do you eg see any other alternative as using a forward proxy which will enable the client authentication for now ?