Highlighted
Absent Member.
Absent Member.
1318 views

SSL Encryption on transmissions between AcuThin Client and AcuRCL server

[Migrated content. Thread originally posted on 02 August 2011]

According to Acucobol support the built in encryption in the Acuthin client is very low. It does not get close to meeting the retail industry's PCI DSS standard. Does anyone have an idea how to make the data transmissions between Acuthin client and AcuRCL server SSL encrypted?
0 Likes
2 Replies
Highlighted
Micro Focus Expert
Micro Focus Expert

RE: SSL Encryption on transmissions between AcuThin Client and AcuRCL server

Thin client has AES 128 bit encryption and you can take it further by making your own seed - Chapter 3: Server Configuration > 3.4 Creating a Runtime Configuration File for the Remote Server Component >
ENCRYPTION_SEED

Thin client, the runtime and / or AcuConnect do not provide SSL. As Acu is shipped worldwide there are many import / export regulations surrounding SSL in software.

If you need SSL you could either use COBOL as a web service (Xcentricity Business Information Services for extend) and in that case the web client and server can communicate via SSL, or you could lok to use a third party library that provides SSL.

I hope this helps.
0 Likes
Highlighted
Absent Member.
Absent Member.

RE: SSL Encryption on transmissions between AcuThin Client and AcuRCL server

Just so I'm clear. Ignoring SSL, the thin_client_encrypt does encrypt all traffic from acuthin to acurcl on the server with AES 128bit? I wasn't sure reading the documentation if it applied to all traffic or just sockets we create.

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.