How to setup a secure SQL Anywhere 17 web service on a cloud server

1

I have a SQL Anywhere 17 server running a database with TLS security and HTTPS web service as setup below:

-x tcpip(port=2640) -ti 0 -c 1G -ch 2G -xs https(FIPS=N;PORT=8100;identity=Server.pem;identity_password=pwd) -ec tls(identity=Server.pem;identity_password=pwd) "D:\Database.db"

What needs to be setup on the MS Azure environment to be able to call a web service created in the database? What ports need to be opened in the firewall and what else needs to be done?

When accessing the service how secure is it? Is there another/better way to secure the web service?

TIA

Frank

asked 24 Sep '18, 11:33

Frank%20Vestjens's gravatar image

Frank Vestjens
1.2k344461
accept rate: 21%

2

> What ports

8100 is what you've chosen for https, as opposed 443.

Try this in a browser: https://domain.com:8100/service?p=123&q=456

where domain.com is the domain or ip address Azure has given you when you hosted your database.

> How secure

Secure enough for Google.

(24 Sep '18, 11:53) Breck Carter

Hi Breck,

Thanks for the answer. But for being able to access the service we need to open up the port 8100 in the firewall. Would that be enough or is it better to use 443?

Frank

(24 Sep '18, 13:09) Frank Vestjens
Replies hidden
1

If you use 443 then nobody will ask you "why 443?" because that's been the standard https port since the 1990s... and maybe it's already open through the firewall.

Presumably the domain/ip address you get won't already have an https server on 443... but if it does, then you'll have to pick something else.

FWIW here's what IANA shows for 443 and 8100...

https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.txt

https               443        tcp    http protocol over TLS/SSL   [IESG]
   [IETF_Chair] 2018-07-06

https               443        udp    http protocol over TLS/SSL   [IESG]
   [IETF_Chair] 2018-07-06

https               443       sctp    HTTPS                        [Randall_Stewart]
   [Randall_Stewart] [RFC4960]

xprint-server      8100        tcp    Xprint Server                [John_McKernan]
   [John_McKernan]

xprint-server      8100        udp    Xprint Server                [John_McKernan]
   [John_McKernan]
(24 Sep '18, 13:33) Breck Carter
1

OTOH if you use 8100 then maybe the Port Police will visit you, because the top hit on "tcp port 8100" is https://www.speedguide.net/port.php?port=8100 which says "trojan" :)

(24 Sep '18, 13:40) Breck Carter
Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Question tags:

×235
×24
×13

question asked: 24 Sep '18, 11:33

question was seen: 1,378 times

last updated: 24 Sep '18, 13:40

Related questions

SQL Anywhere 17 on Azure

Error Code -6 when applying a transaction log file (from live backup)

Backups suddenly failing

Problem using 'callback' form of 'connect', JavaScript External Environment

Web Services - Connection lifespan

Error using ''sa_dbcapi_handle" in JavaScript External Environment with WIndows

SA-17 Purchase Order Suspended

Portable version of SA and MobiLink

dbconsole and SQL Anywhere 17

sysuser last login time not being updated