Communication stream encryption

The qaagent -x option can be used to specify a secure communication stream that the QAnywhere Agent can use to communicate with a MobiLink server. It allows you to implement server authentication using server-side certificates, and it allows you to encrypt the communication stream using strong encryption.

You must set up transport-layer security for the MobiLink server as well.

Note

Separately licensed component required.

ECC encryption and FIPS-certified encryption require a separate license. All strong encryption technologies are subject to export regulations.

See Separately licensed components.

Examples

The following examples show how to establish a secure communication stream between the QAnywhere Agent and the MobiLink server. They use sample identity files that are installed when the SQL Anywhere security option is installed.

Secure TCP/IP using RSA:

mlsrv12 -x tls(tls_type=rsa;identity=rsaserver.id;identity_password=test)
qaagent -x tls(tls_type=rsa;trusted_certificate=rsaroot.crt)

Secure TCP/IP using ECC:

mlsrv12 -x tls(tls_type=ecc;identity=eccserver.id;identity_password=test)
qaagent -x tls(tls_type=ecc;trusted_certificate=eccroot.crt)

Secure HTTP using HTTPS (only RSA certificates are supported for HTTPS):

mlsrv12 -x https(identity=rsaserver.id;identity_password=test)
qaagent -x https(trusted_certificate=rsaroot.crt)