To start the MobiLink server with transport-layer security, supply the identity file and the identity password protecting the server's private key.
For an overview of the steps required to set up transport-layer security, see Setting up transport-layer security.
Use the mlsrv11 -x server option to specify an identity and an identity password. Following is a partial mlsrv11 command line (which must be written on one line):
-x protocol( tls_type=cipher; fips={ y | n }; identity=identity-file; identity_password=password;... )
protocol The protocol to use. It can be https or tls. The tls protocol is TCP/IP with TLS.
cipher The cipher to use. It can be rsa or ecc for RSA and ECC encryption, respectively. The cipher must match the encryption used to create your identity.
fips Indicates whether or not to use FIPS. FIPS can only be used with RSA encryption. RSA FIPS uses separate FIPS 140-2 certified software from Certicom. Servers using FIPS are compatible with clients not using FIPS and vice versa. RSA FIPS can be used for SQL Anywhere clients on any supported 32-bit Windows platform or Solaris, or for UltraLite clients on Unix or any supported 32-bit Windows platform including Windows Mobile.
identity-file The path and file name of the identity file, which contains the server's private key, the server's certificate, and, optionally, the certificates signed by the Certificate Authority.
For information about creating the server certificate, which can be self-signed, or signed by a Certificate Authority or enterprise root certificate, see Creating digital certificates.
password The password for the server private key. You specify this password when you create the server identity.
See -x option.
The following example specifies the type of security (RSA), the server identity file, and the identity password protecting the server's private key on the mlsrv11 command line:
mlsrv11 -c "dsn=my_cons" -x tls(tls_type=rsa;identity=c:\test\serv_rsa1.crt;identity_password=pwd) |
The following example specifies an ECC identity on the mlsrv11 command line:
mlsrv11 -c "dsn=my_cons" -x tls(tls_type=ecc;identity=c:\test\serv_ecc1.crt;identity_password=pwd) |
The following example is similar to the previous, except that there is a space in the identity file name:
mlsrv11 -c "dsn=my_cons" -x "tls(tls_type=rsa;identity=c:\Program Files\test\serv_rsa1.crt;identity_password=pwd)" |
For more information about the mlsrv11 -x option, see -x option.
For more information about creating the server identity file, in this case serv_ecc1.crt, see Creating digital certificates.
You can hide the command line options using a configuration file and the File Hiding utility (dbfhide). See @data option.
Send feedback about this page via email or DocCommentXchange | Copyright © 2008, iAnywhere Solutions, Inc. - SQL Anywhere 11.0.0 |