The following steps provide an overview of the tasks required to set up transport-layer security.
Overview of setting up transport-layer security
Obtain digital certificates.
You need identity files and certificate files. The server identity file contains the server's private key and should be stored securely with the database or MobiLink server. You distribute the server certificate file to your clients.
You can buy certificates from a certificate authority. SQL Anywhere also provides functionality to create certificates, which is especially useful for development and testing. See Creating digital certificates.
If you are setting up transport-layer security for SQL Anywhere client/server applications:
Start the SQL Anywhere database server with transport-layer security Use the -ec database server option to specify the type of security, the server identity file name, and the password to protect the server's private key.
If you also want to allow unencrypted connections over shared memory, specify the -es option.
See Starting the database server with transport-layer security.
Configure client applications to use transport-layer security Specify the path and file name of trusted certificates using the Encryption connection parameter [ENC].
See Configuring client applications to use transport-layer security.
If you are setting up transport-layer security for SQL Anywhere web services:
Start the SQL Anywhere database server with transport-layer security Use the -xs database server option to specify the type of security, the server identity file name, and the password to protect the server's private key.
Configure browsers or other web clients to trust certificates See Encrypting SQL Anywhere web services.
If you are setting up transport-layer security for MobiLink synchronization:
Start the MobiLink server with transport-layer security Use the mlsrv11 -x option to specify the security stream, the server identity file name, and the password to protect the server's private key.
See Starting the MobiLink server with transport-layer security.
Configure MobiLink clients to use transport-layer security Supply the appropriate security or network protocol options with the MobiLink synchronization client utility (dbmlsync) or UltraLite application. Specify the security stream and trusted server certificate file names.
See Configuring MobiLink clients to use transport-layer security.
You can post questions on the newsgroups:
Send feedback about this page via email or DocCommentXchange | Copyright © 2008, iAnywhere Solutions, Inc. - SQL Anywhere 11.0.0 |