Beginning with SPD Server 5.3, SPD Server supports secure sockets connections by using
Transport Layer Security (
TLS). TLS and its predecessor,
Secure Sockets Layer (
SSL), are cryptographic protocols that are designed to provide over-the-wire communication
security. TLS and SSL provide network data privacy, data integrity, and
authentication.
SPD Server is configured to use TLS by default (SSLSECURE=YES). When SSLSECURE=YES
is set on the server, SPDSRSSL must
also be set to YES or SAS client connections will fail. When SSLSECURE=YES, the server
also will not accept client connections from
ODBC and
JDBC clients. SPD Server does not support secure sockets connection for ODBC and JDBC
clients in the initial release. However, an SPD Server 5.3 SAS client that specifies
SPDSRSSL=YES is not prevented from connecting to an SPD Server 5.2 (or earlier) server.
Administrators can modify the default server setting to make TLS optional (SSLSECURE=PREFERRED)
or to not use TLS at all (SSLSECURE=NO). When SSLSECURE=PREFERRED,
the server will accept connections from clients that specify SPDSRSSL=YES, from clients
that specify SPDSRSSL=NO, and from clients for which TLS is not supported. Client/server
communication with clients that specify SPDSRSSL=YES is secured. Other connections
are not secure. SSLSECURE=PREFERRED is recommended for servers that will support ODBC
and JDBC clients in addition to SAS clients.
When SSLSECURE=NO, SPDSRSSL
must also be set to NO, or SAS client connections will fail.