Configuring network encryption for replication servers
You encrypt client/server network communication by specifying the ENCCSM module with the communications support module (CSM) option in the sqlhosts file. You encrypt Enterprise Replication communication by setting encryption configuration parameter ENCRYPT_SMX or by configuring ER group option for onsocssl port in sqlhosts file. Unless onsocssl port is used for communicating with peer ER servers, for communicating with older server versions before 14.10xC6, Enterprise Replication requires configuring ENCRYPT_CDR instead of ENCRYPT_SMX.
You cannot configure an Enterprise Replication connection with a CSM.
#dbservername nettype hostname servicename options
gserv1 group - - i=143
serv1 ontlitcp ny.usa.com ertest1 g=gserv1
c_serv1 ontlitcp ny.usa.com ertest10 csm=(ENCCSM)
In this example, serv1 and c_serv1 are two connection ports on the same database server. Encrypted client/server communication uses the c_serv1 port, while encrypted Enterprise Replication uses the serv1 port.
For more information on encrypting client/server network communications, see the IBM® Informix® Administrator's Guide.