Encrypting the connection between the Easysoft ODBC-ODBC Bridge client and server

This guide outlines the steps needed to configure the ODBC-ODBC Bridge server on Windows to use TLS encryption with a self-generated certificate. It covers generating the required key and certificate files and setting up both the ODBC-ODBC Bridge server and client for secure communication.

Prerequisites

If OpenSSL is not installed on your Windows system, download and install it. For this guide, we used:

After installation, configure the PATH in a command prompt:

path=C:\Program Files\OpenSSL-Win64\bin;%PATH%

Generating key and certificate files

Use the following OpenSSL command to generate the key.pem and cert.pem files required for encryption:

openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -nodes
  • Enter easysoft for both passphrases when prompted.
  • Provide the following details:
    • Country Name (2 letter code) [AU]:
    • State or Province Name (full name) [Some-State]:
    • Locality Name (e.g., city) []:
    • Organization Name (e.g., company) [Internet Widgits Pty Ltd]:
    • Organizational Unit Name (e.g., section) []:
    • Common Name (e.g., server FQDN or YOUR name) []:
    • Email Address []:

Configuring the ODBC-ODBC Bridge server

  1. Access the ODBC-ODBC Bridge Web Admin interface at http://127.0.0.1:8890/ and navigate to the Configuration page.
  2. Click Change and update the following fields with the full paths:
    • KeyFile: c:\certs\key.pem
    • CertFile: c:\certs\cert.pem
  3. Restart the ODBC-ODBC Bridge server:
    1. Open Control Panel > Admin Tools > Services.
    2. Locate Easysoft ODBC-ODBC Bridge Server or Easysoft ODBC-ODBC Bridge Server x64. (choose whichever is running).
    3. Right-click and select Restart.

After restarting, the server is configured to accept encrypted data.

Configuring the ODBC-ODBC Bridge client

The ODBC-ODBC Bridge supports four encryption settings:

  • No Encryption (0): No encryption used.
  • Encrypt if available (1): Uses encryption if supported by the server, otherwise falls back.
  • Encryption required (2): Forces encryption; fails if unsupported.
  • Encryption required + validate (3): As above, but validates the server certificate using the client's CertFile.

Windows ODBC data source configuration

  1. Open your ODBC-ODBC Bridge ODBC data source and go to the Settings tab.
  2. From Encrypt Communication, select an encryption method (for example, Encryption required + validate).
  3. If using Encryption required + validate, enter the certificate file path in the Certificate file text box (for example, c:\certs\cert.pem).
  4. For other methods, leave the Certificate file text box blank.

Note The Test button connection is unencrypted, but application connections will be encrypted.

Linux or UNIX ODBC data source configuration

  1. Add the following lines to your ODBC data source in odbc.ini:
    Encrypt=3
    CertFile=/home/myuser/shared/cert.pem
  2. Set Encrypt to the desired option. (For example, 3 for validation).
  3. If using option 3, specify CertFile with the full path to the certificate file.
  4. Ensure the application user has read access to the certificate file.
  5. Other options do not require the CertFile line.