Encryption Connection Parameter [ENC]

Encrypts packets sent between the client application and the server.

Usage

For RSA_TLS, TCP/IP only

For NONE or SIMPLE, anywhere

Values

String

Default

NONE

If an Encryption value is not set, encryption is controlled by the setting on the server, which defaults to no encryption.

Description

You can use this parameter if you are concerned about the security of network packets. Encryption marginally affects performance. The Encryption (ENC) connection parameter accepts these arguments:

  • None accepts communication packets that are unencrypted. This value is equivalent to NO in earlier versions of SAP Sybase IQ.

  • Simple accepts communication packets that are encrypted with simple encryption supported on all platforms and on pre-12.6 versions of SAP Sybase IQ. This value is equivalent to YES in earlier versions of SAP Sybase IQ.

  • RSA_TLS accepts communication packets that are encrypted using RSA encryption technology. To use this type of encryption, both the server and the client must be operating on Solaris, Linux, and all supported Windows operating systems, and the connection must be over the TCP/IP port. UNIX platforms, except for Solaris and Linux, do not recognize the client or server RSA_TLS parameter. To authenticate the server, the software verifies that the server's certificate values match any values you supply about the client using the following arguments:

    • trusted_certificates specify the certificate file the client uses to authenticate the server.

    • certificate_company specifies the value for the organization field. The server's value and the client's value must match.

    • certificate_unit specifies the value for the organization unit field. The server's value and the client's value must match.

    • certificate_name specifies the certificate's common name. The server's value and the client's value must match.

Warning!  Use the sample certificate only for testing purposes. It provides no security in deployed situations because it and the corresponding password are widely distributed with SAP Sybase IQ software. To protect your system, create your own certificate.

You can use the connection_property system function to retrieve the encryption settings for the current connection.

Examples

  • The following connection string fragment connects to a database server myeng with a TCP/IP link, using Certicom encryption and the sample trusted certificate:

    "ENG=myeng; LINKS=tcpip; Encryption=TLS (tls_type=ECC;trusted_certificate=sample.crt)"

  • The following connection string fragment connects to a database server myeng with a TCP/IP link, using RSA encryption and the sample trusted certificate:

    "ENG=myeng; LINKS=tcpip; Encryption=TLS(tls_type=RSA;trusted_certificate=/Sybase/IQ/certificate_authority_sample.pem)"
Parent topic: Connection Parameters