ODBC Driver for SAP Sybase Adaptive Server Enterprise

SSL Connection Description - ODBC Driver for SAP ASE

Connecting to ASE Using SSL

SSL (Secure Sockets Layer) is a standard protocol for secure access to a remote machine over untrusted networks. It runs on top of TCP/IP to secure client-server communications by allowing an SSL-enabled client to authenticate itself to an SSL-enabled server and vice versa. During server authentication, an SSL-enabled client application uses standard techniques of public-key cryptography to verify the server's identity by checking that the server's certificate is issued by a trusted certificate authority (CA) and proves the ownership of the public key.

Conversely, SSL client authentication allows the server to validate the client's identity. The client and server can also authenticate each other using self-signed certificates, however, you will almost never want to use a self-signed certificate, except for an Intranet or a development server. After establishing an SSL connection, the client and server can exchange messages that are symmetrically encrypted with the shared secret key. SSL is the recommended method to establish a secure connection to ASE due to easier configuration and higher performance, compared to SSH.

See the ASE documentation for more information on how to set up SSL in ASE and Open Client and configure SSL .

To establish an SSL connection to ASE, specify the SSL certificates and client private key:

ASE SSL Connection

SSL Options

Option

Description

Use SSL

Enables SSL connections.

SSL CA Cert

The CA certificate.

SSL Cert

The client certificate.

SSL Key

The private client key.

Ignore Server Certificate Validity

Specifies whether to check the server certificate validity period during an SSL handshake. The default value is True.

Ignore Server Certificate Constraints

Specifies whether to verify the server certificate for compliance with constraints during an SSL handshake. The default value is True.

Trust Server Certificate

Specifies whether to verify the server certificate during an SSL handshake. By default, the driver verifies the server certificate. When the option is set to True, the driver will bypass walking the certificate chain to verify the certificate.

Ignore Server Certificate Insecurity

Specifies whether to check the server certificate signature security during an SSL handshake. The default value is False.

Sample SSL Connection String

DRIVER={Devart ODBC Driver for ASE};Data Source=myServer;Port=myPort;Database=myDatabase;User ID=myUsername;Password=myPassword;SSL=True;SSL CA Cert=C:\myCaCertificate.pem;SSL Cert=C:\myClientCertificate.pem;Key=C:\myPrivateClientKey.pem

© 2015-2024 Devart. All Rights Reserved. Request Support ODBC Forum Provide Feedback