Generating Client-Side Certificates

Generate a client-side certificate, which is not the same as the one you configure for Unwired Server HTTPS encrypted synchronization.

1. At a command prompt, change to <UnwiredPlatform-installDir>\servers\UnwiredServer\SQLAnywhere11\BIN32.
2. Run:

   createcert

3. When prompted, enter 1024 as the RSA key length. For all remaining prompts, enter appropriate values for your deployment; for example:

   C:>createcert
   SQL Anywhere X.509 Certificate Generator Version 11.0.1.2250
   Enter RSA key length (512-16384): 1024
   Generating key pair...
   Country Code: CA
   State/Province: ON
   Locality: Waterloo
   Organization: ClientCert
   Organizational Unit: ClientCert
   Common Name: ClientCert
   Enter file path of signer's certificate:
   Certificate will be a self-signed root
   Serial number [generate GUID]:
   Generated serial number: 6d2f67d5a21c4d95a604b701afd37789
   Certificate valid for how many years (1-100): 10
   Certificate Authority (Y/N) [N]: Y
   1.  Digital Signature
   2.  Nonrepudiation
   3.  Key Encipherment
   4.  Data Encipherment
   5.  Key Agreement
   6.  Certificate Signing
   7.  CRL Signing
   8.  Encipher Only
   9.  Decipher Only
   Key Usage [6,7]:
   Enter file path to save certificate: rsa_client.crt
   Enter file path to save private key: rsa_client.key
   Enter password to protect private key: pwd
   Enter file path to save identity: id_client.pem
                       

   Note: You must use an RSA Transport Layer Security (TLS) certificate, and not a certificate generated from ECC TLS or from another source such as openssl or createcert in an SQL Anywhere installation.
   Note: Make a note of your private-key file path and password values (rsa_client.key and pwd), and the certificate and identity file paths (rsa_client.crt and id_client.pem). You will need these values again.