Visual COBOL supports the concurrent use of Elliptic Curve Cryptography (ECC) and RSA public key cryptography on a single listener endpoint.
When specifying dual cryptographic support the order of the certificate, key, and password files is important. You must maintain the order of the configuration elements as follows:
Configuration Element | Syntax |
---|---|
Certificate File | [certfile1];[certfile2] |
Certificate Password | [certfilepassword1];;;;;[certfilepassword2] |
Key File | [keyfile1];[keyfile2] |
Key Password | [keypassword1];;;;[keypassword2] |
Where files and paths are listed a single semicolon ";" is used as a delimiter.
When required, different key file passwords must be supplied in the same order as the files that they are used to unlock:
[Password 1][delimiter character sequence][Password 2]
When listing multiple key file passwords the delimiter used must be four consecutive semicolons ";;;;".
The only exception is when the same password is used for both files. In this case, the password can be configured once but is used for both files.
If only one of the two key files has a password, only the single password should be configured. It will be used for the appropriate file.