Click here to view and discuss this page in DocCommentXchange. In the future, you will be sent there automatically.

SQL Anywhere 11.0.1 (Français) » MobiLink - Client Administration » Introduction to MobiLink Clients » MobiLink client network protocol options

 

certificate_company

If specified, the application only accepts server certificates when the Organization field on the certificate matches this value.

Composants nécessaires sous licence distincte

Les cryptages ECC et certifié FIPS exigent une licence distincte. Toutes les technologies de cryptage fort sont soumises à la réglementation en matière d'exportation.

Pour plus d'informations, reportez-vous à la section Separately licensed components.

Syntax
certificate_company=organization
Protocols
Default

None

Remarks

MobiLink clients trust all certificates signed by the certificate authority, so they may also trust certificates that the same certificate authority has issued to other companies. Without a means to discriminate, your clients might mistake a competitor's MobiLink server for your own and accidentally send it sensitive information. This option specifies a further level of verification, that the Organization field in the identity portion of the certificate also matches a value you specify.

For information about how to set network protocol options with dbmlsync, see CommunicationAddress (adr) extended option.

For information about how to set network protocol options with UltraLite, see Network protocol options for UltraLite synchronization streams.

See also
Example

The following examples tell a SQL Anywhere client to check all three identity fields and to accept only the named values. This example verifies all three fields. You can instead choose to verify only one or two fields.

For example, if you have SQL Anywhere clients you can set up certificate verification in the subscription as follows:

CREATE SYNCHRONIZATION SUBSCRIPTION
FOR 'user01'
TO test_pub
ADDRESS 'port=3333;  
  trusted_certificates=certicom.crt;
  certificate_company=Sybase, Inc.;
  certificate_unit=iAnywhere;certificate_name=sample'

In an UltraLite application written in embedded SQL in C or C++, you can set up certificate verification as follows, assuming that the trusted certificate was installed in the database when the database was created:

ul_synch_info info;
info.stream = "tls";
info.stream_parms = UL_TEXT("port=9999;")
   UL_TEXT ( "certificate_company=Sybase, Inc.;" )
   UL_TEXT ( "certificate_unit=iAnywhere;" )
   UL_TEXT ( "certificate_name=sample;" );
...
ULSynchronize( &info );