Creating the Certificates Directory, Enabling SSL, and Verifying the Log Files

Learn the steps to create the certificates directory, enable SSL, and verify the log files.

  1. Create a directory to hold the certificates:
    C:\<install_dir>\DC-15_0\servers
\<srvname>\certificates
  2. Copy the servicename.crt, servicename.pwd, servicename.txt, and the svrname.txt files into the new directory:
    copy C:\<install_dir>\DC-15_0\bin\servicename.*
C:\<install_dir>\DC-15_0\servers\<srvname>\certificates

copy C:\<install_dir>\DC-15_0\bin\srvname.txt
C:\<install_dir>\DC-15_0\servers\<srvname>\certificates
  3. Verify that the files are copied by listing the contents of the certificates directory:
    cd C:\<install_dir>\DC-15_0\servers
\<server_name>\certificates

    You should see:

    servicename.crt
servicename.pwd
servicename.txt
srvname.txt
    Note: The files located in the \<install_dir>\DC-15_0\servers\<server_name>\certificates directory include keys and password information. It is important to modify the permission of these files so that they are only viewable and writable by the user account that starts the server. To do this, modify the files' properties accordingly. Consult your IT security officer for further steps.
  4. Change to C:\<install_dir>\DC-15_0\servers\server.css.cfg. Using a text editor like Notepad, edit the server.cfg file to enable the SSL service:
    1. Set the SSLTrustedCertificateFile property to the SSLTrustedCertificateFile path, for example:
      SSLTrustedCertificateFile=C:\Sybase\DC-15_0\servers\dkxpsrv\certificates
    2. Enter the name of the service in the SSLServices property that will use SSL:
      {Client Interaction}SSLServices=servicename
    3. Enable SSL:
      SSLEnabled=yes
  5. Verify that the logging properties are set correctly:
    (Logging)
LogWrap=yes
LogToScreen=yes
LogOCOSMessages=1
LogFlush=yes
LogFileSize=500000
LogFileName=
LogClientMessages=1
LogClientLogin=yes

    Save the server.cfg file.

  6. Use a text editor to append “ssl” to the master and query entries in the sql.ini file:
    cd C:\<install_dir>\ini
    notepad sql.ini 
[srvname]
    MASTER = NLWNSCK, machine name, port, ssl
Query = NLWNSCK, machine name, port, ssl

    Save the sql.ini file.

  7. Start the server:
    C:\<install_dir>\DC-15_0\bin\DCStart -Ssrvname
  8. Verify that these log entries exist in C:\<install_dir>\DC-15_0\servers\<srvname>\log\<srvname>.log:
    LogHeader	...SSL:Checking for servicename.txt...
LogHeader	...SSL:Using trusted CA file...
LogHeader	...SSL:Checking for servicename.crt...
LogHeader	...SSL:Using certificate file...
LogHeader	...SSL:Checking for servicename.pwd...
LogHeader	...SSL:Using certificate password file...
Parent topic: Set Up SSL on Windows Server