The SSL filter is different from other security mechanisms, such as DCE and Kerberos, which are defined with SECHMECH (security mechanism) lines in the interfaces file (sql.ini on Windows). The master and query lines determine the security protocols that are enforced for the connection.
For example, a typical interfaces file on a UNIX machine using transport layer interface (tli) and SSL looks like this:
SERVER <retries><time-outs>
query tli tcp /dev/tcp
tli_add1 ssl
master tli tcp /dev/tcp tli_add1
ssl
A typical sql.ini file on Windows NT using SSL looks like this:
[SERVER]
query=TCP,hostname,address1, ssl
master=TCP,hostname,address1, ssl
where hostname is the name of the server to which the client is connecting and address1 is the port number of the host machine. All connection attempts to a master or query entry in the interfaces file with an SSL filter must support the SSL protocol. A server can be configured to accept SSL connections and have other connections that accept plain text (unencrypted data), or use other security mechanisms.
