Click here to view and discuss this page in DocCommentXchange. In the future, you will be sent there automatically.

SAP Sybase SQL Anywhere 16.0 » SQL Anywhere Server - Database Administration » User and database security » Transport-layer security » SQL Anywhere client/server communication encryption

 

Database server with transport-layer security

To start the database server with transport-layer security, supply the server identity file name and the password protecting the server's private key.

Use the -ec database server option to specify the identity and identity_password parameters. To allow unencrypted connections over shared memory, you must also specify the -es option.

Following is the syntax of a partial dbsrv16 command line:

-ec tls(
   identity=server-identity-filename;
   identity_password=password )
-x tcpip
  • server-identity-filename   The path and file name of the server identity file. If you are using FIPS-certified RSA encryption, you must generate your certificates using the RSA algorithm.

    An identity file contains the public certificate and its private key. For certificates that are not self signed, the identity file also contains all the signing certificates.

  • password   The password for the server private key. You specify this password when you create the server certificate.

You can also start the database server with simple encryption. Simple encryption makes it more difficult for someone using a packet sniffer to read the network packets sent between the client and the server, but does not assure data integrity or provide server authentication.

You specify the TCP/IP protocol using the -x database server option.

 See also
 Example