Sets network protocol options used by the MobiLink server to listen for synchronization requests.
Separately licensed component required.
ECC encryption and FIPS-certified encryption require a separate license. All strong encryption technologies are subject to export regulations.
Syntaxmlsrv12 -c "connection-string" -x protocol[protocol-options] [ -x protocol[protocol-options] ... ] ...
protocol : tcpip | tls | http | https | oe
protocol-options : ( option=value; ... )
RemarksThe -x option must be specified for each protocol being used. For example, to have MobiLink listen for both TCP/IP and HTTP, you would specify something like the following:
mlsrv12 -x tcpip(port=1234) -x http(port=2222) |
The default is tcpip with port 2439.
ParametersThe allowed values of protocol are as follows:
tcpip Accept connections using TCP/IP.
tls Accept connections using TCP/IP and transport-layer security (TLS).
http Accept connections using the standard HTTP web protocol.
https Accept connections using a variant of HTTP that handles secure transactions. The HTTPS protocol implements HTTP over SSL/TLS using RSA or ECC encryption.
oe Use an integrated Outbound Enabler when using the Relay Server. You cannot include more than one -x oe protocol on the server command line.
You can also specify the following network protocol options, in the form option=value. You must separate multiple options with semicolons.
TCP/IP options If you specify the tcpip protocol, you can optionally specify the following protocol options (these options are case sensitive):
| TCP/IP protocol option | Description |
|---|---|
| collect_network_data={ yes | no } | Enables synchronization scripts to read network information from each synchronization. See NetworkData interface [MobiLink server Java] and NetworkData interface [MobiLink server .NET]. |
| host=hostname | The host name or IP number on which the MobiLink server should listen. The default value is localhost. |
| ignore=hostname | A host name or IP number that gets ignored by the MobiLink server if it makes a connection. This option allows you to ignore
requests from load balancers at the lowest possible level, preventing excessive output in the MobiLink server log and MobiLink
Monitor output files. You can specify multiple hosts to ignore; for example -x tcpip(ignore=lb1;ignore=123.45.67.89). If you specify multiple instances of -x on a command line, the host is ignored on all instances; for example, if you specify
-x tcpip(ignore=1.1.1.1) -x http, then connections for 1.1.1.1 are ignored on both the TCP/IP and the HTTP streams.
|
| port=portnumber | The socket port number on which the MobiLink server should listen. The default port is 2439, which is the IANA registered port number for the MobiLink server. |
Options for TCP/IP with transport-layer security If you specify the tls protocol, which is TCP/IP with transport-layer security, you can optionally specify the following protocol options (these options are case sensitive):
| TLS protocol options | Description |
|---|---|
| collect_network_data={ yes | no } | Enables synchronization scripts to read network information from each synchronization. See NetworkData interface [MobiLink server Java] and NetworkData interface [MobiLink server .NET]. |
| e2ee_private_key=file |
The PEM or DER encoded file containing the RSA or ECC private key. This option is required for end-to-end encryption to take effect. PEM and DER encoded files are created using the createkey utility. See Key Pair Generator utility (createkey). |
| e2ee_private_key_password=password |
The password to the private key file. This option is required for end-to-end encryption to take effect. When this option is specified, the e2ee_private_key parameter must also be specified. To avoid making this password visible in the MobiLink server command line, use the dbfhide utility. See File Hiding utility (dbfhide). |
| e2ee_type={ rsa | ecc } |
The type of the key used to exchange session keys for end-to-end encryption. Must be either rsa or ecc, and must match the key type in the private key file (see e2ee_private_key option). The default e2ee_type is rsa. When this option is specified, the e2ee_private_key option must also be specified. |
| fips={yes|no} | If you specify the TLS protocol with tls_type=rsa, you can specify fips=yes to accept connections using the TCP/IP protocol and FIPS-certified encryption algorithms. FIPS-certified connections use separate FIPS 140-2 certified software. Servers using RSA encryption without FIPS-certified encryption are compatible with clients using RSA that have the fips option enabled. Servers using RSA with the fips option enabled are compatible with clients using RSA that do not have the fips option enabled. |
| host=hostname | The host name or IP number on which the MobiLink server should listen. The default value is localhost. |
| identity=identity-file | The path and file name of the identity file that is to be used for server authentication. |
| identity_password=password |
An optional parameter that specifies a password for the identity file. When this option is specified, the identity option must also be specified. To avoid making this password visible in the MobiLink server command line, use the dbfhide utility. See File Hiding utility (dbfhide). |
| ignore=hostname | A host name or IP number that gets ignored by the MobiLink server if it makes a connection. This option allows you to ignore
requests from load balancers at the lowest possible level, preventing excessive output in the MobiLink server log and MobiLink
Monitor output files. You can specify multiple hosts to ignore; for example -x tcpip(ignore=lb1;ignore=123.45.67.89).
|
| port=portnumber | The socket port number on which the MobiLink server should listen. The default port is 2439, which is the IANA registered port number for the MobiLink server. |
| tls_type={ rsa | ecc } |
If you specify the protocol as tls, you can specify either elliptic-curve cryptography (ecc) or RSA encryption (rsa). For backward compatibility, ecc can also be specified as certicom. The default tls_type is rsa. When you use TLS, you must specify an identity and an identity password:
See Starting the MobiLink server with transport-layer security. |
HTTP options If you specify the http protocol, you can optionally specify the following protocol options (these options are case sensitive):
| HTTP options | Description |
|---|---|
| buffer_size=number | The maximum body size for an HTTP message sent from MobiLink server, in bytes. Changing the option decreases or increases the amount of memory allocated for sending HTTP messages. The default is 65536 bytes. |
| collect_network_data={ yes | no } | Enables synchronization scripts to read network information from each synchronization. See NetworkData interface [MobiLink server Java] and NetworkData interface [MobiLink server .NET]. |
| host=hostname | The host name or IP number on which the MobiLink server should listen. The default value is localhost. |
| log_bad_request={ yes | no } | When set to yes, the MobiLink server prints an error if it receives an incomplete or unexpected HTTP request. These errors are analogous to those printed by the -vf option. The default is no. See -v mlsrv12 option. |
| port=portnumber | The socket port number on which the MobiLink server should listen. The default port is 80. |
| version=http-version | The MobiLink server automatically detects the HTTP version used by a client. This parameter is a string specifying the default version of HTTP to use if the server cannot detect the version used by the client. You have a choice of 1.0 or 1.1. The default value is 1.1. |
HTTPS options The HTTPS protocol uses RSA or ECC digital certificates for transport-layer security. If you specify FIPS encryption, the protocol uses separate FIPS 140-2 certified software that is compatible with HTTPS.
For more information, see Starting the MobiLink server with transport-layer security.
If you specify the https protocol, you can optionally specify the following protocol options (these options are case sensitive):
| HTTPS options | Description |
|---|---|
| buffer_size=number | The maximum body size for an HTTPS message sent from MobiLink server, in bytes. Changing the option decreases or increases the amount of memory allocated for sending HTTPS messages. The default is 65536 bytes. |
| collect_network_data={ yes | no } | Enables synchronization scripts to read network information from each synchronization. See NetworkData interface [MobiLink server Java] and NetworkData interface [MobiLink server .NET]. |
| e2ee_private_key=file |
The PEM or DER encoded file containing the rsa or ecc private key. This option is required for end-to-end encryption to take effect. PEM and DER encoded files are created using the createkey utility. See Key Pair Generator utility (createkey). |
| e2ee_private_key_password=password |
The password to the private key file. This option is required for end-to-end encryption to take effect. When this option is specified, the e2ee_private_key option must also be specified. To avoid making this password visible in the MobiLink server command line, use the dbfhide utility. See File Hiding utility (dbfhide). |
| e2ee_type={ rsa | ecc } |
The type of the key used to exchange session keys for end-to-end encryption. Must be either rsa or ecc, and must match the key type in the private key file (see e2ee_private_key option). The default e2ee_type is rsa. When this option is specified, the e2ee_private_key option must also be specified. |
| fips={yes|no} | If you specify the TLS protocol with tls_type=rsa, you can specify fips=yes to accept connections using the TCP/IP protocol and FIPS-certified encryption algorithms. FIPS-certified connections use separate FIPS 140-2 certified software. Servers using RSA encryption without FIPS-certified encryption are compatible with clients using RSA that have the fips option enabled. Servers using RSA with the fips option enabled are compatible with clients using RSA that do not have the fips option enabled. |
| host= hostname | The host name or IP number on which the MobiLink server should listen. The default value is localhost. |
| identity=server-identity | The path and file name of the identity file that is to be used for server authentication. |
| identity_password=password |
An optional parameter that specifies a password for the identity file. When this option is specified, the identity option must also be specified. To avoid making this password visible in the MobiLink server command line, use the dbfhide utility. See File Hiding utility (dbfhide). |
| log_bad_request={ yes | no } | When set to yes, the MobiLink server prints an error if it receives an incomplete or unexpected HTTP request. These errors are analogous to those printed by the -vf option. The default is no. See -v mlsrv12 option. |
| port=portnumber | The socket port number on which the MobiLink server should listen. The port number must match the port the MobiLink server is set up to monitor. The default port is 443. |
| tls_type={ rsa | ecc } |
If you specify the TCP/IP protocol as tls, you can specify either elliptic-curve cryptography (ecc) or RSA encryption (rsa). For backward compatibility, ecc can also be specified as certicom. The default tls_type is rsa. When you use transport-layer security, you must specify an identity and an identity password:
See Starting the MobiLink server with transport-layer security. |
| version=http-version | The MobiLink server automatically detects the HTTP version used by a client. This parameter is a string specifying the default version of HTTP to use if the server cannot detect the version used by the client. You have a choice of 1.0 or 1.1. The default value is 1.1. |
OE options If you specify the oe protocol, you can optionally specify the following protocol options (these options are case sensitive):
| OE protocol option | Description |
|---|---|
| buffer_size=number |
The maximum body size for an HTTP message sent from MobiLink server, in bytes. Changing the option decreases or increases the amount of memory allocated for sending HTTP messages. The default is 65536 bytes. |
| config=file |
The Outbound Enabler configuration file. It has the same format as a configuration file for the stand-alone Outbound Enabler, except you should not specify the -cs option within the file. You must specify exactly one configuration file. |
| log_bad_request={yes|no} | When set to yes, the MobiLink server prints an error if it receives an incomplete or unexpected HTTP request. These errors are analogous to those printed by the -vf option. The default is no. See -v mlsrv12 option. |
| version=http-version |
The MobiLink server automatically detects the HTTP version used by a client. This parameter is a string specifying the default version of HTTP to use if the server cannot detect the method used by the client. You have a choice of 1.0 or 1.1. The default value is 1.1. |
ExampleThe following command line sets the TCP/IP port to 12345:
mlsrv12 -c "DSN=SQL Anywhere 12 CustDB;UID=DBA;PWD=sql" -x tcpip(port=12345) |
The following example specifies the type of security (RSA), the server identity file, and the identity password protecting the server's private key:
mlsrv12 -c "DSN=my_cons" -x tls(tls_type=rsa;identity=c:\test\serv_rsa1.crt;identity_password=pwd) |
The following example is similar to the previous, except that there is a space in the identity file name:
mlsrv12 -c "DSN=my_cons" -x "tls(tls_type=rsa;identity=c:\Program Files\test\serv_rsa1.crt;identity_password=pwd)" |
The following example shows the use of end-to-end encryption over HTTPS:
mlsrv12 -c "DSN=my_cons" -x https(tls_type=rsa;identity=my_identity.crt; identity_password=my_id_pwd;e2ee_type=rsa;e2ee_private_key=my_pk.pem; e2ee_private_key_password=my_pk_pwd) |
The following example shows the use of the integrated Outbound Enabler:
mlsrv12 -c "DSN=my_cons" -x oe(config=oeconfig.txt) |
In the example above, the oeconfig.txt file contains the following:
-f farm.name -id servername -t a18b2e37dbc296322ec5a6eded6ba896 -cr "host=relayserver.sybase.com;https=0;port=80" |
 |
Discuss this page in DocCommentXchange.
|
Copyright © 2012, iAnywhere Solutions, Inc. - SQL Anywhere 12.0.1 |