After certificates for
the CA, the server, and the client have been generated, and a CA trust
list for the client has been created, you can start a
SAS/SHARE server.
Here is an example of
starting a secured
SAS/SHARE
server:
%let tcpsec=_secure_;
options netencryptalgorithm=ssl;
options sslcertloc="/users/johndoe/certificates/server.pem";
options sslpvtkeyloc="/users/johndoe/certificates/serverkey.pem";
options sslpvtkeypass="password";
proc server id=shrserv authenticate=opt;
run;
The following table lists the SAS option or statement
that is used for each task to start a server.
SAS Options and Statements for Server Start-Up Tasks
SAS Options and Statements
|
|
|
|
|
|
|
Specifies SSL as the
encryption algorithm
|
|
|
Specifies the filepath
for the location of the server's certificate
|
SSLPVTKEYLOC= serverkey.pem |
Specifies the filepath
for the location of the server's private key
|
|
|
Specifies the password
to access server's private key
|
|
|
|
|
|
Allow trusted users
to access the server without authentication.
|
Note: As an alternative to using
the SSLPVTKEYPASS= option to protect the private key, you might prefer
that the private key remain unencrypted, and use the file system permissions
to prevent Read and Write access to the file that contains the private key.
To store the private key without encrypting it, use the-NODES option
when requesting the certificate.