The forum will experience an outage sometime between February 10 at 7:00pm EST and February 12 at 11:59 EST for installation of security updates. The actual time and duration of the outage are unknown but attempts will be made to minimize the downtime. We apologize for any inconvenience.

Hi All,

When using the SQL Anywhere PHP dll's, (5.4.12 in this case), can anyone tell me what sort of security there is in place for passing the username and password to the database. Is it encrypted in any way.

I don't see any options within the dll to send details encrypted but presume it is so any details would be very useful to put my client's mind at rest.

Thanks,

Alasdair

asked 25 Feb '15, 12:53

RADicalSYS's gravatar image

RADicalSYS
1266819
accept rate: 0%


The connection information is always encrypted using AES before it is sent to the server. If you want bulletproof security (including encryption, protection against replay and man-in-the-middle attacks, and server authentication), you can use TLS. Here is the documentation on the Encryption connection parameter and the -ec server switch, both of which need to be used to make this happen.

permanent link

answered 25 Feb '15, 13:33

Graeme%20Perrow's gravatar image

Graeme Perrow
8.4k369107
accept rate: 51%

Graeme, thanks very much. That is perfect.

(26 Feb '15, 07:21) RADicalSYS
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×47
×32

question asked: 25 Feb '15, 12:53

question was seen: 351 times

last updated: 26 Feb '15, 07:21