Encrypting the connection between the Easysoft ODBC-ODBC Bridge client and server
This guide outlines the steps needed to configure the ODBC-ODBC Bridge server on Windows to use TLS encryption with a self-generated certificate. It covers generating the required key and certificate files and setting up both the ODBC-ODBC Bridge server and client for secure communication.
Prerequisites
If OpenSSL is not installed on your Windows system, download and install it. For this guide, we used:
After installation, configure the PATH
in a command prompt:
path=C:\Program Files\OpenSSL-Win64\bin;%PATH%
Generating key and certificate files
Use the following OpenSSL command to generate the key.pem
and cert.pem
files required for encryption:
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -sha256 -nodes
- Enter
easysoft
for both passphrases when prompted. - Provide the following details:
- Country Name (2 letter code) [AU]:
- State or Province Name (full name) [Some-State]:
- Locality Name (e.g., city) []:
- Organization Name (e.g., company) [Internet Widgits Pty Ltd]:
- Organizational Unit Name (e.g., section) []:
- Common Name (e.g., server FQDN or YOUR name) []:
- Email Address []:
Configuring the ODBC-ODBC Bridge server
- Access the ODBC-ODBC Bridge Web Admin interface at
http://127.0.0.1:8890/
and navigate to the Configuration page. - Click Change and update the following fields with the full paths:
- KeyFile:
c:\certs\key.pem
- CertFile:
c:\certs\cert.pem
- KeyFile:
- Restart the ODBC-ODBC Bridge server:
- Open Control Panel > Admin Tools > Services.
- Locate Easysoft ODBC-ODBC Bridge Server or Easysoft ODBC-ODBC Bridge Server x64. (choose whichever is running).
- Right-click and select Restart.
After restarting, the server is configured to accept encrypted data.
Configuring the ODBC-ODBC Bridge client
The ODBC-ODBC Bridge supports four encryption settings:
- No Encryption (0): No encryption used.
- Encrypt if available (1): Uses encryption if supported by the server, otherwise falls back.
- Encryption required (2): Forces encryption; fails if unsupported.
- Encryption required + validate (3): As above, but validates the server certificate using the client's
CertFile
.
Windows ODBC data source configuration
- Open your ODBC-ODBC Bridge ODBC data source and go to the Settings tab.
- From Encrypt Communication, select an encryption method (for example, Encryption required + validate).
- If using Encryption required + validate, enter the certificate file path in the Certificate file text box (for example,
c:\certs\cert.pem
). - For other methods, leave the Certificate file text box blank.
Note The Test button connection is unencrypted, but application connections will be encrypted.
Linux or UNIX ODBC data source configuration
- Add the following lines to your ODBC data source in
odbc.ini
:Encrypt=3 CertFile=/home/myuser/shared/cert.pem
- Set
Encrypt
to the desired option. (For example,3
for validation). - If using option
3
, specifyCertFile
with the full path to the certificate file. - Ensure the application user has read access to the certificate file.
- Other options do not require the
CertFile
line.