Creating a secure client message store

To secure your client message store, you can:

Example

First, create a SQL Anywhere database with an encryption key:

dbinit mystore.db -i -s -ek some_phrase

The -i and -s options are optimal for small devices. The -ek option specifies the encryption key for strong encryption. See Initialization utility (dbinit).

Next, initialize the database as a client message store:

qaagent -id mystore -si -c "dbf=mystore.db;dbkey=some_phrase"

Next, create a new remote user with DBA authority, and a password for this user. Revoke the default QAnywhere user and change the password of the default DBA user. Log in as user DBA with password sql and execute the following SQL statements:

CREATE USER secure_user IDENTIFIED BY secure_password
GRANT MEMBERSHIP IN GROUP ml_qa_user_group TO secure_user
GRANT REMOTE DBA TO secure_user
REVOKE CONNECT FROM ml_qa_user
ALTER USER DBA IDENTIFIED BY new_dba_password
COMMIT
Note

All QAnywhere users must belong to ml_qa_user_group and have remote DBA authority.

Next, start the QAnywhere Agent with the secure DBA user:

qaagent -id mystore -c "dbf=mystore.db;dbkey=some_phrase;uid=secure_user;pwd=secure_password"

Manage client message store passwords
Encrypting the client message store