Secure MobiLink Synchronization using Microsoft IIS and the MobiLink Redirector

A whitepaper from iAnywhere
Author: Joshua Savill, Product Manager

This whitepaper was written in the context of SQL Anywhere 10. However, its content may be applicable to previous and future releases.
Contents

Introduction ... 3
Prerequisites ... 3
Securing the Communication Stream ... 4
Configuring SSL on the Microsoft IIS Web Server ... 4
    Create the Root Certificate ... 4
    Create a Web Server Certificate ... 5
    Sign the certreq.txt File ... 5
    Install the rsa_iis.crt certificate ... 6
    Verify the HTTPS Connection and Install the Certificate ... 6
Configuring the MobiLink Server and Redirector for HTTPS Communication ... 6
Setting Up the MobiLink Client ... 7
Additional Resources ... 7
Summary ... 8
Introduction

This document provides instructions for setting up secure MobiLink synchronization on a Microsoft Internet Information Services (IIS) web server. Although this document describes the methodology for SQL Anywhere 10.0.1, the procedures are applicable to all versions of SQL Anywhere.

For production systems, it is recommended that you purchase server certificates from a reputable Certificate Authority. The type of certificate required depends on your particular business needs and encryption requirements.

Prerequisites

Before completing the procedures described in this document, it is recommended that you review the following information:

- Securing SQL Anywhere Server 10: http://www.sybase.com/files/white_papers/securingsa10.pdf
- Understanding Encryption and Transport-Layer Security: http://www.sybase.com/detail?id=1035475
- MobiLink transport-layer security and certificates: http://www.sybase.com/detail?id=1009621
- Generating X.509 Certificates for Secure Communication in SQL Anywhere 10.0.1: http://www.sybase.com/detail?id=1055179

The following software is required to complete the procedures in this document:

- Microsoft Windows 2000 Server or Microsoft Windows 2003 Server
- Microsoft Internet Information Services 5.0 or Microsoft Internet Information Services 6.0
- SQL Anywhere with MobiLink 10.0.1 and RSA encryption
- The SQL Anywhere 10.0.1 "Secure MobiLink Synchronization using Microsoft IIS" code sample, available for download from: http://www.sybase.com/detail?id=1059364

www.sybase.com/ianywhere 3
Securing the Communication Stream

To ensure the security of the communication stream, the procedures include the installation of the following security protocols:

- Transport Layer Security (TLS) for the entire MobiLink synchronization
- Secure Sockets Layer (SSL) and RSA encryption between the MobiLink client and the Microsoft IIS web server
- HTTPS and RSA encryption between the MobiLink Redirector and the MobiLink Server

This diagram illustrates how the communication stream is configured for optimum security:

(Diagram: MobiLink client -- SSL/RSA -- Microsoft IIS with MobiLink Redirector -- HTTPS/RSA -- MobiLink Server)

Configuring SSL on the Microsoft IIS Web Server

Create the Root Certificate

1. Install the createcert utility included with the RSA encryption option.
2. Run the following command:

   "%SQLANY10%\win32\createcert"

3. Complete the following fields:

   Field                                          Value
   Choose encryption type ((R)SA or (E)CC)        R
   Enter RSA key length (512-16384)               1024
   Country Code                                   CA
   State/Province                                 ON
   Locality                                       Waterloo
   Organization
   Organizational Unit
   Common Name
   Certificate valid for how many years (1-100)   10
   Certificate Authority                          Y
   Key Usage [6,7]                                6,7
   Enter file path to save certificate            rsa_root.crt
   Enter file path to save private key            rsa_key.key
   Enter password to protect private key          pwd
   Enter file path to save identity               id.pem
Create a Web Server Certificate

1. Open the Microsoft IIS Manager.
2. In the left pane, right-click Default Web Site and click Properties.
3. Click the Web Site tab.
4. In the SSL Port field, type 443.
5. Click the Directory Security tab.
6. Click Server Certificate.
7. Click Create a new certificate. Click Next.
8. Click Prepare the request now, but send it later. Click Next.
9. In the Name field, type Default Web Site and on the Bit length list click 1024. Click Next.
10. In the Organization and Organizational unit fields, type. Click Next.
11. In the Common name field, type jsavill-iis. Click Next.
12. Complete the following fields:
    - In the Country/Region list, click CA.
    - In the State/province field, type ON.
    - In the City/locality field, type Waterloo.
13. Accept the default location for the certreq.txt file. Click Next.
14. Click Next.
15. Click Finish and then click OK.

Sign the certreq.txt File

1. Run the following command:

   "%SQLANY10%\win32\createcert" -s certreq.txt

2. Complete the following fields:

   Field                                          Value
   Enter file path of signer's certificate        rsa_root.crt
   Enter file path of signer's private key        rsa_key.key
   Enter password for signer's private key        pwd
   Certificate valid for how many years (1-100)   10
   Certificate Authority (Y/N)                    N
   Key Usage [3,4,5]                              3,4,5
   Enter file path to save certificate            rsa_iis.crt

3. Run the following command:

   "%SQLANY10%\win32\viewcert" rsa_iis.crt

4. Verify that the certificate information is correct.
Install the rsa_iis.crt certificate

1. Open the Microsoft IIS Manager.
2. In the left pane, right-click Default Web Site and click Properties.
3. Click the Directory Security tab.
4. Click Server Certificate. Click Next.
5. Click Process the pending request and install the certificate. Click Next.
6. In the Path and file name field, browse to the location of the rsa_iis.crt file. Click Next.
7. In the SSL Port field, type 443. Click Next.
8. Review your settings. Click Next.
9. Click Finish.

Verify the HTTPS Connection and Install the Certificate

1. Open your Internet browser.
2. In the Address field, type https://servername. Press Enter.
3. Click Continue to this website. The Under Construction page appears, indicating that the certificate installed correctly.

Configuring the MobiLink Server and Redirector for HTTPS Communication

1. Run the following command:

   "%SQLANY10%\win32\createcert"

2. Complete the following fields:

   Field                                          Value
   Choose encryption type ((R)SA or (E)CC)        R
   Enter RSA key length (512-16384)               1024
   Country Code                                   CA
   State/Province                                 ON
   Locality                                       Waterloo
   Organization
   Organizational Unit
   Common Name
   Certificate valid for how many years (1-100)   10
   Certificate Authority                          Y
   Key Usage [3,4,5]                              3,4,5
   Enter file path to save certificate            rsa_ml.crt
   Enter file path to save private key            rsa_ml_key.key
   Enter password to protect private key          pwd
   Enter file path to save identity               id_ml.pem
3. Run the setup.bat file located in the cons folder. This file:
   - Initializes a new SQL Anywhere consolidated database
   - Creates the data source name
   - Spawns the database server
   - Sets up the MobiLink system tables
   - Inserts test data into the database
   - Starts the MobiLink Server with the following command line:

   "%SQLANY10%\win32\mlsrv10" -v+ -o mlsrv.out -zs ml_https -c "DSN=https_cons" -dl -zu+ -x https{port=2439;tls_type=rsa;certificate=..\certs\id_ml.pem;certificate_password=pwd}

4. Open the redirector.config file in your text editor. The file is located in the c:\inetpub\scripts directory.
5. Complete the following section:

   # Properties
   # ----------
   SLEEP=1800
   ML_CLIENT_TIMEOUT=1800
   LOG_LEVEL=1
   #
   # List of servers
   # ---------------
   ML="https=true;host=localhost;port=2439;tls_type=RSA;fips=n;trusted_certificates=c:\\https_redirector_iis\\certs\\rsa_ml.crt"

6. Save your changes to the redirector.config file.
7. Open the Microsoft IIS Manager.
8. Right-click Default Web Site, and click Stop.
9. Right-click Default Web Site, and click Start.

Setting Up the MobiLink Client

Run the setup.bat file located in the rem folder. This file:
- Initializes a new SQL Anywhere remote database
- Creates the data source name
- Spawns the database server
- Inserts test data into the database
- Starts the MobiLink synchronization client (dbmlsync) with the following command line:

"%SQLANY10%\win32\dbmlsync" -c "DSN=https_rem" -mp sql -v+ -o rem.txt -e "ctp=https;adr='host=jsavill-IIS;port=443;url_suffix=/scripts/iaredirect.dll/ml/;trusted_certificates=..\certs\rsa_root.crt'"

Additional Resources

For information about the createcert utility, see: http://www.sybase.com/detail?id=1055179.

For assistance configuring the MobiLink Redirector using Microsoft IIS, see "The MobiLink Redirector using Microsoft Internet Information Services".
For information about the MobiLink Redirector, see http://dcx.sybase.com/index.php#http%3a%2f%2fdcx.sybase.com%2fhtml%2fdbmlen10%2fmlisapi-config-iadeploy.html.

For assistance installing SQL Anywhere 10.0.1, see http://dcx.sybase.com/index.php#http%3a%2f%2fdcx.sybase.com%2fhtml%2fdbdaen10%2fdaenvironment-variables.html.

Summary

This document has outlined the steps required to configure the MobiLink Redirector using Microsoft IIS to complete secure MobiLink synchronizations. Provided with this document is a demonstration of how the MobiLink client, MobiLink server, Redirector, and Microsoft IIS need to be configured. After finishing this document you should have a complete synchronizing system using SSL communication between the MobiLink client and the Microsoft IIS Web Server. The communication stream between the MobiLink Redirector and the MobiLink server is encrypted with RSA using HTTPS.
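As an added check on the configuration assembled in this document (this script is not part of the whitepaper or of the SQL Anywhere code sample), the following Python parses the three option strings the procedure produces: the mlsrv10 -x argument, the ML= line of redirector.config, and the dbmlsync -e argument, and reports where the legs disagree (port mismatch, a non-HTTPS leg, a missing trusted_certificates setting). The option strings are copied from this document; the key=value splitting is a simplified parser written for this check, not MobiLink's own.

```python
import re

# Option strings copied from this whitepaper (constructed input for this check; not MobiLink's code).
MLSRV_X = r"https{port=2439;tls_type=rsa;certificate=..\certs\id_ml.pem;certificate_password=pwd}"
REDIRECTOR_ML = (r"https=true;host=localhost;port=2439;tls_type=RSA;fips=n;"
                 r"trusted_certificates=c:\\https_redirector_iis\\certs\\rsa_ml.crt")
DBMLSYNC_E = (r"ctp=https;adr='host=jsavill-IIS;port=443;url_suffix=/scripts/iaredirect.dll/ml/;"
              r"trusted_certificates=..\certs\rsa_root.crt'")

def parse_options(text):
    """Split 'key=value;key=value' into a dict; keys are lower-cased (simplified parser)."""
    opts = {}
    for item in text.split(";"):
        if "=" in item:
            key, value = item.split("=", 1)
            opts[key.strip().lower()] = value.strip()
    return opts

def parse_mlsrv_x(value):
    """Parse the server's -x 'protocol{options}' argument."""
    m = re.fullmatch(r"(\w+)\{(.*)\}", value)
    opts = parse_options(m.group(2))
    opts["protocol"] = m.group(1).lower()
    return opts

def parse_dbmlsync_e(value):
    """Parse the client's -e 'ctp=...;adr=...' argument; adr carries a quoted option string."""
    m = re.fullmatch(r"(.*?)adr='([^']*)'(.*)", value)
    opts = parse_options(m.group(1) + m.group(3))   # ctp and any option outside adr
    opts.update(parse_options(m.group(2)))          # host, port, url_suffix, trusted_certificates
    return opts

def check_chain(mlsrv_x, redirector_ml, dbmlsync_e):
    """Return a list of findings; an empty list means the three legs agree."""
    srv, red, cli = parse_mlsrv_x(mlsrv_x), parse_options(redirector_ml), parse_dbmlsync_e(dbmlsync_e)
    findings = []
    if srv["protocol"] != "https" or red.get("https", "").lower() != "true":
        findings.append("redirector-to-server leg is not HTTPS")
    if srv.get("port") != red.get("port"):
        findings.append("redirector port %s does not match mlsrv10 port %s" % (red.get("port"), srv.get("port")))
    for name, opts in (("redirector", red), ("client", cli)):
        if not opts.get("trusted_certificates"):
            findings.append(name + " has no trusted_certificates, so the peer certificate is not verified")
    if cli.get("ctp", "").lower() != "https" or cli.get("port") != "443":
        findings.append("client is not using HTTPS on the IIS SSL port 443")
    if "iaredirect.dll" not in cli.get("url_suffix", ""):
        findings.append("client url_suffix does not route through the ISAPI redirector")
    return findings
```

Note that each leg verifies a different issuer: the client trusts rsa_root.crt, which signed the IIS certificate, while the redirector trusts rsa_ml.crt, the self-signed MobiLink server certificate. The certificate_password given on the mlsrv10 command line is visible to anyone who can list processes on that host, so in production prefer a location with tighter access than the command line.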
Copyright

Copyright 2013 SAP AG. All rights reserved. No part of this publication may be reproduced or transmitted in any form or for any purpose without the express permission of SAP AG. The information contained herein may be changed without prior notice.