Use createcert to create a self-signed certificate that encrypts replication-based synchronization (RBS) connections. In a production environment, request the certificate from a trusted certificate authority (CA).
- At a command prompt, change to <UnwiredPlatform_InstallDir>\UnwiredPlatform\Servers\SQLAnywhere11\BIN32.
- Run:
- When prompted, enter 1024 as the RSA key length. For all remaining prompts, enter appropriate values for your deployment; for example:
<UnwiredPlatform_InstallDir>\UnwiredPlatform\Servers\SQLAnywhere11\BIN32>createcert
SQL Anywhere X.509 Certificate Generator Version 11.0.1.2405
Enter RSA key length (512-16384): 1024
Generating key pair...
Country Code: US
State/Province: CA
Locality: Dublin
Organization: MyCompanyCA
Organizational Unit: PTO
Common Name: MyCompanyCA
Enter file path of signer's certificate:
Certificate will be a self-signed root
Serial number [generate GUID]:<enter>
Generated serial number: 3f52ee68c8604e48b8359e0c0128da5a
Certificate valid for how many years (1-100): 10
Certificate Authority (Y/N) [N]: Y
1. Digital Signature
2. Nonrepudiation
3. Key Encipherment
4. Data Encipherment
5. Key Agreement
6. Certificate Signing
7. CRL Signing
8. Encipher Only
9. Decipher Only
Key Usage [6,7]: <enter>
Enter file path to save certificate: rsa_root.crt
Enter file path to save private key: rsa_key.key
Enter password to protect private key: <MyPwd>
Enter file path to save identity: id.pem
Use the myserver_identity.crt file when you configure RBS encryption in Sybase Control Center and use the mypublic_cert.crt file when you configure the RBS application that connects to that port. If you are running the RBS server behind a relay server that already uses encryption, these follow-up steps are optional.
Next
Ensure you store your key and identity files in a safe place.