Click here to view and discuss this page in DocCommentXchange. In the future, you will be sent there automatically.

SQL Anywhere 11.0.1 (Français) » SQL Anywhere Server - Database Administration » Starting and Connecting to Your Database » The database server » Database server options


-fips server option

Requires that only FIPS-approved algorithms should be used for strong database and communication encryption.

{ dbsrv11 | dbeng11 } -fips ...
Applies to



Specifying this option forces all server encryption to use FIPS-approved algorithms. This option applies to strong database encryption, client/server transport-layer security, and web services transport-layer security. You can still use unencrypted connections and databases when the -fips option is specified, but you cannot use simple encryption.

Composants nécessaires sous licence distincte

Les cryptages ECC et certifié FIPS exigent une licence distincte. Toutes les technologies de cryptage fort sont soumises à la réglementation en matière d'exportation.

Pour plus d'informations, reportez-vous à la section Separately licensed components.

For strong database encryption, the -fips option causes new databases to use the AES_FIPS type, even if AES is specified in the ALGORITHM clause of the CREATE DATABASE statement.

When the database server is started with -fips, you can run databases encrypted with AES, AES256, AES_FIPS, or AES256_FIPS strong encryption, but not databases encrypted with simple encryption. Unencrypted databases can also be started on the server when -fips is specified.

The SQL Anywhere security option must be installed on any computer used to run a database encrypted with AES_FIPS or AES256_FIPS.

For SQL Anywhere transport-layer security, the -fips option causes the server to use the FIPS-approved RSA encryption cipher, even if RSA is specified. If ECC is specified, an error occurs because a FIPS-approved elliptic-curve algorithm is not available.

For transport-layer security for web services, the -fips option causes the server to use HTTPS FIPS, even if HTTPS is specified.

When you specify -fips, the ENCRYPT and HASH functions use the FIPS-approved RSA encryption cipher, and password hashing uses the SHA-256 FIPS algorithm rather than the SHA-256 algorithm.

See also