The list of known and trusted CAs is maintained in the trusted roots file. The trusted roots file is similar in format to a certificate file, except that it contains certificates for CAs known to the entity (client applications, servers, network resources, and so on). The System Security Officer adds and deletes CAs using a standard ASCII-text editor.
The trusted roots file for Open Client is located in $SYBASE/config/trusted.txt. Currently, the recognized CAs are Thawte, Entrust, Baltimore, VeriSign and RSA.
By default, Adaptive Server stores its own trusted roots file in $SYBASE/$SYBASE_ASE/certificates/servername.txt.
Open Client allows you to specify an alternate location for the trusted roots file:
ct_con_props (connection, CS_SET, CS_PROP_SSL_CA, “$SYBASE/config/trusted.txt”, CS_NULLTERM, NULL);
where $SYBASE is the installation directory. CS_PROP_SSL_CA can be set at the context level using ct_config(), or at the connection level using ct_con_props().
bcp and isql utilities also allow you to specify an alternative location for the trusted roots file.The parameter -x is included in the syntax, allowing you to specify an alternative location for the trusted.txt file.
