Sybase SQL Anywhere database files and log files that are used as part of the Unwired Platform data tier can be encrypted. The databases that use this database type are the CDB, the monitoring database, and the domain log database.
- Stop all
Sybase Unwired Platform services.
- Launch dbisql from
<UnwiredPlatform_InstallDir>\Servers\SQLAnywhereXX\BINXX.
- Connect to a database, other than the client database you want to encrypt.
- From dbisql, issue:
CREATE ENCRYPTED DATABASE ‘newdbfile’ FROM ‘existingdbfile’ KEY ‘someKey’ ALGORITHM ‘algorithm’
Supported algorithms include:
- SIMPLE
- AES
- AES256
- AES_FIPS
- AES256_FIPS
Note: FIPS
options are available only as a separately licensed option for SQLAnywhere.
- Once the database files and log files are encrypted:
- Shut down the database
server.
- Restart
the database server
with the
-ek <encryption key> database option.
This modifies the server startup to use the encrypted copy of the database
file.
- Restart
all stopped services.