Welcome to dbFreaks.com!
FAQFAQ    SearchSearch      ProfileProfile    Private MessagesPrivate Messages   Log inLog in

Encrypting Data in Transit with onsocssl

  
   Database Help (Home) -> Informix RSS
Next:  CFP: The 2011 International Conference on Softwar..  
Author Message
caver

External


Since: Feb 01, 2011
Posts: 2



(Msg. 1) Posted: Tue Feb 01, 2011 3:56 pm
Post subject: Encrypting Data in Transit with onsocssl
Archived from groups: comp>databases>informix (more info?)
We have a requirement to encrypt data in transit from the client to
the database. We are trying to use onsocssl with odbc, but have not
had any luck. Does anyone have any experience with onsocssl with odbc
access from a windows client?

We can connect to dbaccess using onsocssl, but each time we attempt to
connect using odbc we get this error:

Secure Sockets Layer error : GSK_KEYRING_OPEN_ERROR - keyring file did
not open.

I have done google searches (no luck) and have opened a call with
informix support (still researching), but wanted to know if there is
anyone who has successfully implemented this?

Thanks for any response.

 >> Stay informed about: Encrypting Data in Transit with onsocssl 
Back to top
Login to vote
TBP

External


Since: Feb 01, 2011
Posts: 1



(Msg. 2) Posted: Tue Feb 01, 2011 5:04 pm
Post subject: Re: Encrypting Data in Transit with onsocssl [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
On Feb 1, 11:56 pm, caver wrote:
> We have a requirement to encrypt data in transit from the client to
> the database.  We are trying to use onsocssl with odbc, but have not
> had any luck.  Does anyone have any experience with onsocssl with odbc
> access from a windows client?
>
> We can connect to dbaccess using onsocssl, but each time we attempt to
> connect using odbc we get this error:
>
> Secure Sockets Layer error : GSK_KEYRING_OPEN_ERROR - keyring file did
> not open.
>
> I have done google searches (no luck) and have opened a call with
> informix support (still researching), but wanted to know if there is
> anyone who has successfully implemented this?
>
> Thanks for any response.

Have you set up the certificate on the client?

 >> Stay informed about: Encrypting Data in Transit with onsocssl 
Back to top
Login to vote
caver

External


Since: Feb 01, 2011
Posts: 2



(Msg. 3) Posted: Tue Feb 15, 2011 2:29 pm
Post subject: Re: Encrypting Data in Transit with onsocssl [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
Yes. Thanks for responding.
We finally got it working.

If anyone else needs to set up onsocssl with informix, here are a few
notes
that might be helpful:

http://publib.boulder.ibm.com/infocenter/idshelp/v117/topic/com.ibm.se...oc/ids_

1) The standard port for informix ssl is 9089

2) Other notes:

a.) Install Informix Client 3.70 (or newest version)
b.) Install GSK Toolkit Version 8
To get "gskit" from IBM:
https://www14.software.ibm.com/webapp/iwm/web/reg/pick.do?source=gskit...t&S_PKG


c.) Locate 'ETC' directory in the Informix Directory, most commonly in
one of the following paths:
C:\Program Files\Informix\Client-SDK\ETC\
C:\Program Files\Informix\ETC\
d.) Copy the .CERT file that is generated by the server (ie- app.cert)
to the ETC directory
then follow directions from manual

e.) Run the following commands in DOS from the ETC directory

To create required files on PC client:
gsk8capicmd -keydb -create -db client.kdb -pw XX -type cms -stash

To add the cert file to the KeyStore:
gsk8capicmd -cert -add -db client.kdb -pw XX -label app -file app.cert
-format ascii

3) For very slow performance using onsocssl,
check the onconfig parameter "VPCLASS" to make sure it does NOT have
"encrypt".

-Remove the "encrypt" from VPCLASS:

#VPCLASS encrypt,num=2 #Do not use
VPCLASS cpu,num=2,noage


On Feb 1, 8:04 pm, TBP wrote:
> On Feb 1, 11:56 pm, caver wrote:
>>
> > We have a requirement to encrypt data in transit from the client to
> > the database.  We are trying to use onsocssl with odbc, but have not
> > had any luck.  Does anyone have any experience with onsocssl with odbc
> > access from a windows client?
>
> > We can connect to dbaccess using onsocssl, but each time we attempt to
> > connect using odbc we get this error:
>
> > Secure Sockets Layer error : GSK_KEYRING_OPEN_ERROR - keyring file did
> > not open.
>
> > I have done google searches (no luck) and have opened a call with
> > informix support (still researching), but wanted to know if there is
> > anyone who has successfully implemented this?
>
> > Thanks for any response.
>
> Have you set up the certificate on the client?- Hide quoted text -
>
 >> Stay informed about: Encrypting Data in Transit with onsocssl 
Back to top
Login to vote
Display posts from previous:   
Related Topics:
Data Modeling? - Is it a 'norm' that DBA's use a data model (both logical and physical) to design a database? or Are data models mostly used as a 'post-design' afterthought, to document what is physically already implemented? In most shops that I have worked, we never....

Semistructured data in Informix - Does Informix support the semistructured data model? If yes, what functionalities does it provide and where can I learn more about them? What data access structures does Informix provide for XML data? Thanks for any help.

informix dot net data provider - Hi, did anyone here successfully use C# to connect to an informix? I tried to connect to an Informix 9.31 on Linux but I always get this message. error: IBM.Data.Informix.IfxException: ERROR [HY000] [Informix .NET provider][Informix] Server..

letters only data type - Hello, I need to create data type which accept only letters? (Informix 9.3). CREATE ROW TYPE ?? is it right solution? There is a lot of documentation but I can't find any sample. Mitja

blobpages with data pages - Version: IDS 10 Tablespace has limit of 16.2 million pages. If blobpages are part of same dbspace as the rows then are those blobpages counted as part of same tablespace. In other words 16.2 million pages are just the row data pages or are these data..
   Database Help (Home) -> Informix All times are: Pacific Time (US & Canada)
Page 1 of 1

 
 You can post new topics in this forum
You can reply to topics in this forum
You can edit your posts in this forum
You can delete your posts in this forum
You can vote in polls in this forum



[ Contact us | Terms of Service/Privacy Policy ]