SSL for SAS/SHARE under Windows: Examples

Start-up of a Multi-UserSAS/SHARE Server

After certificates for the CA, the server, and the client have been generated, and imported into the appropriate certificate store, you can start a SAS/SHARE server. Here is an example of how to start a secured SAS/SHARE server:

%let tcpsec=_secure_;
options comamid=tcp netencryptalgorithm=ssl;
options sslcertiss="Glenn's CA";
options sslcertserial="0a1dcfa3000000000015";
proc server id=shrserv; 
run;

The following table lists the SAS option or statement that is used for each task to start a server.

SAS Options, Statements, and Arguments for Server Start-Up Tasks

SAS Options, Statements, and Arguments	Server Start-Up Tasks
TCPSEC= _SECURE_	Secures the server
COMAMID=TCP	Specifies the TCP/IP access method
NETENCRALG=SSL	Specifies SSL as the encryption algorithm
SSLCERTISS="Glenn's CA"	Specifies the name of the issuer of the digital certificate that SSL should use
SSLCERTSERIAL="0a1dcfa3000000000015"	Specifies the serial number of the digital certificate that SSL should use
PROC SERVERID=shrserv;	Starts the server

SAS/SHARE Client Access of a SAS/SHARE Server

After a SAS/SHARE server has been started, the client can access it.

Here is an example of how to make a client connection to a secured SAS/SHARE server:

options comamid=tcp;
%let machine=apex.server.com;
libname a '.' server=machine.shrserv user=_prompt_;

The following table lists the SAS options that are used for accessing a server from a client.

SAS Options and Arguments for Accessing a SAS/SHARE Server from a Client

SAS Options and Arguments	Client Access Tasks
COMAMID=TCP	Specifies the TCP/IP access method
SERVER=machine.shrserv	Specifies the machine and server to connect to
USER=_PROMPT_	Prompts for the user ID and password to be used for authenticating the client to the server

The server-ID and the server's Common Name, which was specified in the server's certificate, must be identical.