cancel
Showing results for 
Search instead for 
Did you mean: 

How to setup a secure SQL Anywhere 17 web service on a cloud server

fvestjens
Participant
1,754

I have a SQL Anywhere 17 server running a database with TLS security and HTTPS web service as setup below:

-x tcpip(port=2640) -ti 0 -c 1G -ch 2G -xs https(FIPS=N;PORT=8100;identity=Server.pem;identity_password=pwd) -ec tls(identity=Server.pem;identity_password=pwd) "D:\\Database.db"

What needs to be setup on the MS Azure environment to be able to call a web service created in the database? What ports need to be opened in the firewall and what else needs to be done?

When accessing the service how secure is it? Is there another/better way to secure the web service?

TIA

Frank

Breck_Carter
Participant

> What ports

8100 is what you've chosen for https, as opposed 443.

Try this in a browser: https://domain.com:8100/service?p=123&q=456

where domain.com is the domain or ip address Azure has given you when you hosted your database.

> How secure

Secure enough for Google.

fvestjens
Participant
0 Kudos

Hi Breck,

Thanks for the answer. But for being able to access the service we need to open up the port 8100 in the firewall. Would that be enough or is it better to use 443?

Frank

Breck_Carter
Participant

If you use 443 then nobody will ask you "why 443?" because that's been the standard https port since the 1990s... and maybe it's already open through the firewall.

Presumably the domain/ip address you get won't already have an https server on 443... but if it does, then you'll have to pick something else.

FWIW here's what IANA shows for 443 and 8100...

https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.txt

https               443        tcp    http protocol over TLS/SSL   [IESG]
   [IETF_Chair] 2018-07-06

https               443        udp    http protocol over TLS/SSL   [IESG]
   [IETF_Chair] 2018-07-06

https               443       sctp    HTTPS                        [Randall_Stewart]
   [Randall_Stewart] [RFC4960]

xprint-server      8100        tcp    Xprint Server                [John_McKernan]
   [John_McKernan]

xprint-server      8100        udp    Xprint Server                [John_McKernan]
   [John_McKernan]
Breck_Carter
Participant

OTOH if you use 8100 then maybe the Port Police will visit you, because the top hit on "tcp port 8100" is https://www.speedguide.net/port.php?port=8100 which says "trojan" 🙂

Accepted Solutions (0)

Answers (0)