Encrypting the communication stream

The qaagent -x option can be used to specify a secure communication stream that the QAnywhere Agent can use to communicate with a MobiLink server. It allows you to implement server authentication using server-side certificates, and it allows you to encrypt the communication stream using strong encryption.

See -x option.

You must set up transport-layer security for the MobiLink server as well. For information about creating digital certificates and setting up the MobiLink server, see Encrypting MobiLink client/server communications.

Separately licensed component required

ECC encryption and FIPS-certified encryption require a separate license. All strong encryption technologies are subject to export regulations.

See Separately licensed components.

Examples

The following examples show how to establish a secure communication stream between the QAnywhere Agent and the MobiLink server. They use sample identity files that are installed when the SQL Anywhere security option is installed.

Secure TCP/IP using RSA:

mlsrv11 -x tls(tls_type=rsa;identity=rsaserver.id;identity_password=test)
qaagent -x tls(tls_type=rsa;trusted_certificates=rsaroot.crt)

Secure TCP/IP using ECC:

mlsrv11 -x tls(tls_type=ecc;identity=eccserver.id;identity_password=test)
qaagent -x tls(tls_type=ecc;trusted_certificates=eccroot.crt)

Secure HTTP using HTTPS (only RSA certificates are supported for HTTPS):

mlsrv11 -x https(identity=rsaserver.id;identity_password=test)
qaagent -x https(trusted_certificates=rsaroot.crt)