Secure Sockets Encryption

The DataBasic APIs for outgoing web services use the DataBasic CONNECT statement to make TCP connections to the web. Underpinning the CONNECT statement is the Reality Sockets layer. Together, the CONNECT statement and underlying Reality Sockets layer allow secure sockets encryption of outgoing and incoming data. The security layer has been implemented using the OpenSSL library.

Transport Layer Security (TLS)

You can enable TLS on a standard TCP connection by setting the parameter TLS=server in the connection string of the DataBasic CONNECT statement. You must set the correct port number when using this parameter.

Alternatively, setting TLS=none suppresses authentication of the server, making it easier to test applications against a local HTTP server.

When using this feature, a connect string may look like:

"*TCP*www.paypal.com;port=443;so_linger=5000;TLS=server"

Note

If TLS is used through a proxy server, the underlying connection code must handle the proxy interface. Hence the connect string must connect to the proxy server and then specify the required host and port using true_host and true_port parameters. Additionally, if the proxy server is password-protected, the parameter proxy_user=user:password must be used.

For example:

"*TCP*bluecoat1;port=80;true_host=www.paypal.com;true_port=443;proxy_user=fred:1234;TLS=server"