cancel
Showing results for 
Search instead for 
Did you mean: 

Can I enforce the server to ask for an encryption key (aka -ep) in a ODBC DSN with DBS=?

VolkerBarth
Contributor
7,647

(More or less a question to confirm my test results...)

I want to connect to a strongly encrypted database on a not-running, local database engine. I want to use a ODBC DSN and want to get asked for the encryption key. This can be done by means of the -ep server option.

Is the only way to do so by specifying the START connection parameter, i.e. something like the following (with need to specify the server command line)?

-c "DBF=MyDb.db;START=C:\\Programme\\SQL Anywhere 12\\bin32\\dbeng12 -n MyServer -ep;UID..."

I would favour the usage of DBS=, but this does not seem to work (with error "Invalid option for local database").

I guess it does not work as -ep is a server option, not a database option, and DBS is only valid for database options. (Note: I refer to command line options, not the ones available by SET OPTION.)

Am I right, or is there a better way?

(For simplicity, I would like to omit the server command line.)


EDIT to put it more generally:

Is the following correct w.r.t. connection parameters?

  • To specify a database command line option, one has to use DBS=-OptionName, i.e. DBS= -ek MyKey
  • To specify a server command line option, one has to use START=...dbeng -OptionName, i.e. START=dbeng12 -ep

Accepted Solutions (1)

Accepted Solutions (1)

graeme_perrow
Advisor
Advisor

Yes you are right, and no there isn't really a better way.

FYI, specifying the -n switch in a START line is strongly discouraged. It's much better to use -c "DBF=MyDb.db;SERVER=MyServer;START=C:\\Programme\\SQL Anywhere 12\\bin32\\dbeng12 -ep;... (or ENG=MyServer in versions prior to 12).

Your statements at the end w.r.t. the DBS and START connection parameters are correct.

MCMartin
Participant
0 Kudos

@Graeme: Why is -n strongly discouraged?

VolkerBarth
Contributor

@Martin: AFAIK, specifying the server name in the SERVER or ENG connection parameter has the effect of a) looking for a running server with that name or - if none is found - b) starting a server (as specified by START=) with the given name. In contrast, giving both SERVER= and START=... -n could lead to ambuguities if both names are different, and omitting SERVER= would mean you can connect to any local (or the default) engine, methinks.

graeme_perrow
Advisor
Advisor

Yes, Volker has pretty much covered it. The client library tries to connect to a server with the given server name and if it can't find one, it uses the start line to start one. If you use -n in the start line, we may start a server that we cannot connect to, so you will end up with a running server but a failed connection attempt. For similar reasons, use DBN rather than DBS=-n mydatabase.

Answers (0)