Sets network protocol options used by the MobiLink server to listen for synchronization requests.
ECC encryption and FIPS-certified encryption require a separate license. All strong encryption technologies are subject to export regulations.
mlsrv12 -c "connection-string" -x protocol[protocol-options] ...
protocol : tcpip | tls | http | https | oe
protocol-options : ( option=value; ... )
The default is TCPIP with port 2439.
The allowed values of protocol are as follows:
tcpip Accept connections using TCP/IP.
tls Accept connections using TCP/IP and transport-layer security (TLS).
http Accept connections using the standard HTTP Web protocol.
https Accept connections using a variant of HTTP that handles secure transactions. The HTTPS protocol implements HTTP over SSL/TLS using RSA or ECC encryption.
oe Use an integrated Outbound Enabler when using the Relay Server. You cannot include more than one -x oe switch on the server command line.
You can also specify the following network protocol options, in the form option=value. You must separate multiple options with semicolons.
TCP/IP options If you specify the tcpip protocol, you can optionally specify the following protocol options (these options are case sensitive):
TCP/IP protocol option | Description |
---|---|
host=hostname | The host name or IP number on which the MobiLink server should listen. The default value is localhost. |
ignore=hostname | A host name or IP number that gets ignored by the MobiLink server if it makes a connection. This option allows you to ignore
requests from load balancers at the lowest possible level, preventing excessive output in the MobiLink server log and MobiLink
Monitor output files. You can specify multiple hosts to ignore; for example -x tcpip(ignore=lb1;ignore=123.45.67.89) . If you specify multiple instances of -x on a command line, the host is ignored on all instances; for example, if you specify
-x tcpip(ignore=1.1.1.1) -x http, then connections for 1.1.1.1 are ignored on both the TCP/IP and the HTTP streams.
|
port=portnumber | The socket port number on which the MobiLink server should listen. The default port is 2439, which is the IANA registered port number for the MobiLink server. |
Options for TCP/IP with transport-layer security If you specify the tls protocol, which is TCP/IP with transport-layer security, you can optionally specify the following protocol options (these options are case sensitive):
TLS protocol options | Description |
---|---|
fips={yes|no} | If you specify the TLS protocol with tls_type=rsa, you can specify fips=yes to accept connections using the TCP/IP protocol and FIPS-approved algorithms for encryption. FIPS connections use separate FIPS 140-2 certified software. Servers using RSA encryption without FIPS are compatible with clients using RSA with FIPS, and servers using RSA with FIPS are compatible with clients using RSA without FIPS. |
host=hostname | The host name or IP number on which the MobiLink server should listen. The default value is localhost. |
ignore=hostname | A host name or IP number that gets ignored by the MobiLink server if it makes a connection. This option allows you to ignore
requests from load balancers at the lowest possible level, preventing excessive output in the MobiLink server log and MobiLink
Monitor output files. You can specify multiple hosts to ignore; for example -x tcpip(ignore=lb1;ignore=123.45.67.89) .
|
port=portnumber | The socket port number on which the MobiLink server should listen. The default port is 2439, which is the IANA registered port number for the MobiLink server. |
tls_type={rsa|ecc} |
If you specify the protocol as tls, you can specify either elliptic-curve cryptography (ecc) or RSA encryption (rsa). For backward compatibility, ecc can also be specified as certicom. The default tls_type is rsa. When you use TLS, you must specify an identity and an identity password:
See Starting the MobiLink server with transport-layer security. |
e2ee_type={rsa|ecc} |
The type of the key used to exchange session keys for end-to-end encryption. Must be either rsa or ecc, and must match the key type in the private key file (see next option). The default e2ee_type is rsa. |
e2ee_private_key=file |
The PEM-encoded file containing the rsa or ecc private key. This option is required for end-to-end encryption to take effect. PEM-encoded files are created using the createkey utility. See Key Pair Generator utility (createkey). |
e2ee_private_key_password=password |
The password to the private key file. This option is required for end-to-end encryption to take effect. To avoid making this password visible in the MobiLink server command line, use the dbfhide utility. See File Hiding utility (dbfhide). |
HTTP options If you specify the http protocol, you can optionally specify the following protocol options (these options are case sensitive):
HTTP options | Description |
---|---|
buffer_size=number | The maximum body size for an HTTP message sent from MobiLink server, in bytes. Changing the option decreases or increases the amount of memory allocated for sending HTTP messages. The default is 65536 bytes. |
host=hostname | The host name or IP number on which the MobiLink server should listen. The default value is localhost. |
log_bad_request={yes|no} | When set to yes, the MobiLink server prints an error if it receives an incomplete or unexpected HTTP request. These errors are analogous to those printed by the -vf option. The default is no. See -v mlsrv12 option. |
port=portnumber | The socket port number on which the MobiLink server should listen. The default port is 80. |
version=http-version | The MobiLink server automatically detects the HTTP version used by a client. This parameter is a string specifying the default version of HTTP to use if the server cannot detect the version used by the client. You have a choice of 1.0 or 1.1. The default value is 1.1. |
HTTPS options The HTTPS protocol uses RSA or ECC digital certificates for transport-layer security. If you specify FIPS encryption, the protocol uses separate FIPS 140-2 certified software that is compatible with HTTPS.
For more information, see Starting the MobiLink server with transport-layer security.
If you specify the https protocol, you can optionally specify the following protocol options (these options are case sensitive):
HTTPS options | Description |
---|---|
buffer_size=number | The maximum body size for an HTTPS message sent from MobiLink server, in bytes. Changing the option decreases or increases the amount of memory allocated for sending HTTPS messages. The default is 65536 bytes. |
identity=server-identity | The path and file name of the identity file that is to be used for server authentication. |
identity_password=password |
An optional parameter that specifies a password for the identity file. To avoid making this password visible in the MobiLink server command line, use the dbfhide utility. See File Hiding utility (dbfhide). |
fips={yes|no} | You can specify fips=yes to accept connections using the HTTPS protocol and FIPS-approved algorithms for encryption. FIPS connections use separate FIPS 140-2 certified software. Servers using RSA encryption without FIPS are compatible with clients using RSA with FIPS, and servers using RSA with FIPS are compatible with clients using RSA without FIPS. |
host= hostname | The host name or IP number on which the MobiLink server should listen. The default value is localhost. |
port=portnumber | The socket port number on which the MobiLink server should listen. The port number must match the port the MobiLink server is set up to monitor. The default port is 443. |
tls_type={rsa|ecc} |
If you specify the TCP/IP protocol as tls, you can specify either elliptic-curve cryptography (ecc) or RSA encryption (rsa). For backward compatibility, ecc can also be specified as certicom. The default tls_type is rsa. When you use transport-layer security, you must specify an identity and an identity password:
See Starting the MobiLink server with transport-layer security. |
version=http-version | The MobiLink server automatically detects the HTTP version used by a client. This parameter is a string specifying the default version of HTTP to use if the server cannot detect the version used by the client. You have a choice of 1.0 or 1.1. The default value is 1.1. |
e2ee_type={rsa|ecc} |
The type of the key used to exchange session keys for end-to-end encryption. Must be either rsa or ecc, and must match the key type in the private key file (see next option). The default e2ee_type is rsa. |
e2ee_private_key=file |
The PEM-encoded file containing the rsa or ecc private key. This option is required for end-to-end encryption to take effect. PEM-encoded files are created using the createkey utility. See Key Pair Generator utility (createkey). |
e2ee_private_key_password=password |
The password to the private key file. This option is required for end-to-end encryption to take effect. To avoid making this password visible in the MobiLink server command line, use the dbfhide utility. See File Hiding utility (dbfhide). |
log_bad_request={yes|no} | When set to yes, the MobiLink server prints an error if it receives an incomplete or unexpected HTTP request. These errors are analogous to those printed by the -vf option. The default is no. See -v mlsrv12 option. |
OE options If you specify the oe protocol, you can optionally specify the following protocol options (these options are case sensitive):
OE protocol option | Description |
---|---|
config=file |
The Outbound Enabler configuration file. It has the same format as a configuration file for the stand-alone Outbound Enabler, except you should not specify the -cs switch within the file. You must specify exactly one configuration file. |
buffer_size=number |
The maximum body size for an HTTP message sent from MobiLink server, in bytes. Changing the option decreases or increases the amount of memory allocated for sending HTTP messages. The default is 65536 bytes. |
version=http-version |
The MobiLink server automatically detects the HTTP version used by a client. This parameter is a string specifying the default version of HTTP to use if the server cannot detect the method used by the client. You have a choice of 1.0 or 1.1. The default value is 1.1. |
log_bad_request={yes|no} | When set to yes, the MobiLink server prints an error if it receives an incomplete or unexpected HTTP request. These errors are analogous to those printed by the -vf option. The default is no. See -v mlsrv12 option. |
The following command line sets the TCP/IP port to 12345:
mlsrv12 -c "dsn=SQL Anywhere 12 CustDB;uid=DBA;pwd=sql" -x tcpip(port=12345) |
The following example specifies the type of security (RSA), the server identity file, and the identity password protecting the server's private key:
mlsrv12 -c "dsn=my_cons" -x tls(tls_type=rsa;identity=c:\test\serv_rsa1.crt;identity_password=pwd) |
The following example is similar to the previous, except that there is a space in the identity file name:
mlsrv12 -c "dsn=my_cons" -x "tls(tls_type=rsa;identity=c:\Program Files\test\serv_rsa1.crt;identity_password=pwd)" |
The following example shows the use of end-to-end encryption over HTTPS:
mlsrv12 -c "dsn=my_cons" -x https(tls_type=rsa;identity=my_identity.crt; identity_password=my_id_pwd;e2ee_type=rsa;e2ee_private_key=my_pk.pem; e2ee_private_key_password=my_pk_pwd) |
The following example shows the use of the integrated Outbound Enabler:
mlsrv12 -c "dsn=my_cons" -x oe(config=oeconfig.txt) |
In the example above, the oeconfig.txt file contains the following:
-f farm.name -id servername -t a18b2e37dbc296322ec5a6eded6ba896 -cr "host=relayserver.sybase.com;https=0;port=80" |
Discuss this page in DocCommentXchange.
|
Copyright © 2010, iAnywhere Solutions, Inc. - SQL Anywhere 12.0.0 |