The list of known and trusted CAs is maintained in the trusted roots file. The trusted roots file is similar in format to a certificate file, except that it contains certificates for CAs known to the entity (client applications, servers, network resources, and so on). The System Security Officer adds and deletes CAs using a standard ASCII-text editor.
The trusted roots file for Open Client and Open Server is located in %SYBASE%\ini\trusted.txt.
Currently, the recognized CAs are Thawte, Entrust, Baltimore, VeriSign, and RSA.
By default, Adaptive Server stores its own trusted roots file in %SYBASE%\%SYBASE_ASE%\certificates\servername.txt.
Both Open Client and Open Server allow you to specify an alternate location for the trusted roots file:
Open Client:
ct_con_props (connection, CS_SET, CS_PROP_SSL_CA, “SYBASEhome\ini\trusted.txt”, CS_NULLTERM, NULL);
where SYBASEhome is the installation directory. CS_PROP_SSL_CA can be set at the context level using ct_config, or at the connection level using ct_con_props.
Open Server:
srv_props (context, CS_SET, SRV_S_CERT_AUTH, “SYBASEhome\ini\trusted.txt”, CS_NULLTERM, NULL);
where SYBASEhome is the installation directory.
bcp and isql utilities also allow you to specify an alternative location for the trusted roots file.The parameter -x is included in the syntax, allowing you to specify an alternative location for the trusted.txt file.
