CoreNodeSQL exposes SQLite over TCP for multi-client access with authentication, role-based grants, TLS encryption, and native drivers for 7 programming languages. One server, unlimited possibilities.
await using var conn = new CoreNodeSQLConnection(
host: "db.example.com",
port: 5433,
database: "appdb",
username: "appuser",
password: "secret");
await conn.OpenAsync();
var count = await conn.ExecuteScalarAsync<long>(
"SELECT COUNT(*) FROM users");
Console.WriteLine($"Users: {count}");CoreNodeSQL combines the simplicity of SQLite with enterprise networking capabilities.
Multi-user authentication with role-based access control. Create users with admin, readwrite, or readonly permissions per database.
Built-in TLS with auto-generated self-signed certificates, custom PFX import, mixed-mode listeners, and certificate pinning.
Encrypt databases at rest with PRAGMA key support. Encrypt existing databases, manage runtime keys, and rotate credentials seamlessly.
Native binary protocol drivers for C#/.NET, Java (JDBC), C++, C, Python, and PHP. Plus a PDO-like API for familiar workflows.
Cross-platform desktop application (Windows, Linux, macOS) for server management, SQL workspace, backup/restore, and real-time monitoring.
Automated backup schedules with retention policies, prune schedules, system snapshots, and point-in-time restore with DatabaseId verification.
WebSocket-based real-time metrics, schema change events, and security audit feeds. Live dashboard with CPU, memory, and disk stats.
Built-in brute-force guard with IP blocking, comprehensive security event logging, configurable retention, and compliance-ready audit trails.
Built-in connection pool with configurable max connections, concurrent request limits, and separate read connection management.
From IoT edge devices to enterprise dashboards — see how teams use CoreNodeSQL to simplify their data infrastructure.
Centrally manage data across thousands of IoT gateways and edge devices. Deploy lightweight SQLite-backed services via Docker — no heavy database cluster required.
Replace complex SQL clusters for your internal reporting and dashboards with a lightweight solution. Multi-client access with authentication — no DBA overhead.
Turn your single-user desktop application into a multi-user capable solution with minimal effort. Native drivers for 7 languages make integration seamless.
A lean binary protocol over TCP connects your applications to managed SQLite databases.
Compact binary framing with 1-byte message type, 4-byte payload length, and efficient value encoding. Request IDs enable concurrent operations and request cancellation.
Single TCP port for all client connections. TLS and plaintext clients can connect on the same port in mixed mode. WebSocket realtime runs on port+1 by default.
Server runs on Windows 10+ and Linux (Ubuntu 22.04+, Debian 12+, Raspberry Pi OS). Desktop GUI & CLI also available on macOS. Deploy as Windows MSI, Linux systemd service, or Docker container.
All drivers implement the same binary protocol with full feature parity.
ADO.NET-compatible client with Microsoft.Data.Sqlite compatibility layer. Drop-in replacement for existing SQLite code - just change the connection string.
CoreNodeSQL.Clientdotnet add package CoreNodeSQL.Client
// Option A: Microsoft.Data.Sqlite compatibility
await using var conn = new SqliteConnection(
"Host=127.0.0.1;Port=5433;Database=appdb;" +
"Username=appuser;Password=secret;Tls=true");
await conn.OpenAsync();
// Option B: Native CoreNodeSQL API
await using var conn = new CoreNodeSQLConnection(
host: "127.0.0.1", port: 5433,
database: "appdb",
username: "appuser",
password: "secret");
await conn.OpenAsync();
// Queries with parameters
var result = await conn.ExecuteQueryAsync(
"SELECT * FROM users WHERE role = @role",
new Dictionary<string, object?> {
["@role"] = "admin"
});Standard JDBC driver for seamless integration with DBeaver, IntelliJ Rider, and any Java application. Supports TLS and database encryption keys in the URL.
CoreNodeSQL.Jdbc-1.0.0.jar
// JDBC URL format
String url = "jdbc:corenodesql://127.0.0.1:5433/appdb"
+ "?user=appuser&password=secret"
+ "&tls=true&trustServerCertificate=true";
// With encrypted database
String encUrl = "jdbc:corenodesql://127.0.0.1:5433/Test"
+ "?user=admin&password=secret"
+ "&key=TopSecret";
// Driver class for DBeaver/Rider
// com.corenodesql.jdbc.CoreNodeSQLDriver
Connection conn = DriverManager
.getConnection(url);
Statement stmt = conn.createStatement();
ResultSet rs = stmt.executeQuery(
"SELECT * FROM users");Header-only C++17 implementation with optional OpenSSL TLS. Includes a PDO-like wrapper for familiar database workflows in C++.
cmake -S . -B build && cmake --build build
#include "CoreNodeSQL.hpp"
using namespace corenodesql;
int main() {
CoreNodeSQLConnection conn(
"127.0.0.1", 5433,
"appdb", "appuser", "secret");
conn.open();
conn.executeNonQuery(
"INSERT INTO items (name) VALUES (@n)",
{{"@n", std::string("Hello")}});
auto rows = conn.executeQuery(
"SELECT * FROM items").rows();
for (const auto& row : rows)
std::cout << valueToText(
row.at("name")) << "\n";
}Classic C client with full protocol support. Ideal for embedded systems, legacy applications, and performance-critical environments.
cmake -S . -B build && cmake --build build
#include "corenodesql.h"
int main() {
cnsql_connection* conn = cnsql_connect(
"127.0.0.1", 5433,
"appdb", "appuser", "secret");
cnsql_execute_nonquery(conn,
"CREATE TABLE IF NOT EXISTS items "
"(id INTEGER PRIMARY KEY, name TEXT)");
cnsql_result* res = cnsql_execute_query(
conn, "SELECT * FROM items");
while (cnsql_next_row(res)) {
printf("%s\n",
cnsql_get_text(res, "name"));
}
cnsql_disconnect(conn);
}Pure Python implementation requiring no native extensions. Includes a PDO-like wrapper for developers familiar with PHP-style database access.
from corenodesql import CoreNodeSQLConnection
from corenodesql import CoreNodeSQLConnection
conn = CoreNodeSQLConnection(
"127.0.0.1", 5433,
"appdb", "appuser", "secret",
{"tls": True})
conn.open()
conn.executeNonQuery(
"INSERT INTO items (name) VALUES (@n)",
{"@n": "Hello"})
rows = conn.executeQuery(
"SELECT * FROM items").getRows()
for row in rows:
print(row["name"])
conn.close()Pure PHP implementation of the CoreNodeSQL binary protocol. No PHP extensions required - works out of the box with PHP 7.4+ and includes a PDO-like wrapper.
require_once 'CoreNodeSQL.php';
use CoreNodeSQL\CoreNodeSQLConnection;
$conn = new CoreNodeSQLConnection(
'127.0.0.1', 5433,
'appdb', 'appuser', 'secret',
['tls' => true]);
$conn->open();
$conn->executeNonQuery(
'INSERT INTO items (name) VALUES (@n)',
['@n' => 'Hello']);
$result = $conn->executeQuery(
'SELECT * FROM items ORDER BY id');
foreach ($result as $row) {
echo $row['name'] . PHP_EOL;
}
$conn->close();CoreNodeSQL protects your data at every layer - in transit, at rest, and at access.
From a single binary to Docker containers - CoreNodeSQL fits your infrastructure.
MSI installer with Windows Service integration. Self-contained binary, no .NET or VC++ runtime required.
CoreNodeSQL.Server.win-x64.msi
systemd service with auto-install, update, and user management. Supports x64 and arm64.
./CoreNodeSQL.Server --install /opt/CoreNodeSQL
Desktop GUI and CLI tool for managing remote CoreNodeSQL servers. Self-contained, no .NET installation needed.
./CoreNodeSQL.UI
Multi-arch container images (x64 + arm64) with persistent volume mounts and manifest support.
docker run -p 5433:5433 corenodesql/server
Get CoreNodeSQL running locally with these simple steps.
Install CoreNodeSQL with a single step. On first start, it creates the admin database, a default database, and an admin user.
# Windows - double-click the MSI installer
$ CoreNodeSQL.Server.win-x64.msi
# Linux
$ ./install-linux.sh --install-dir /opt/corenodesql
# Server starts on port 5433
# Default admin user: admin / admin
# Self-contained - no .NET installation requiredUse the interactive SQL shell to manage your databases, users, and permissions.
$ CoreNodeSQL.CLI --host 127.0.0.1 --port 5433 \
--user admin --password admin --database default
corenodesql[default]> ADMINPASS NewSecurePassword123
corenodesql[default]> CREATE DATABASE appdb;
corenodesql[default]> CREATE USER appuser PASSWORD 'secret';
corenodesql[default]> GRANT readwrite ON appdb TO appuser;Use the native driver for your language to connect and start querying.
// .NET - install CoreNodeSQL.Client from NuGet
var conn = new CoreNodeSQLConnection(
"127.0.0.1", 5433, "appdb",
"appuser", "secret");
await conn.OpenAsync();
await conn.ExecuteNonQueryAsync(
"CREATE TABLE items (id INTEGER PRIMARY KEY, name TEXT)");Everything you need to configure, deploy, and integrate CoreNodeSQL.
All server settings are persisted in the admin database (data/_admin.db). Configure networking, connection limits, TLS, backups, realtime, and security audit via CoreNodeSQL.UI → Settings → Server.
BindAddress (default 0.0.0.0) controls which network interface the server listens on. Port (default 5433) is the TCP port. Bootstrap overrides via --port and --ws-port are only used on first start when no persisted settings exist yet.
./CoreNodeSQL.Server --install /opt/CoreNodeSQL --port 5433 --ws-port 5434MaxConnections (default 100) limits simultaneous client connections. MaxConcurrentRequests (default 16) limits parallel query execution. MaxReadConnections (default 16) manages the separate read connection pool for each database engine.
Set Tls.Enabled=true to enable TLS. If CertificatePath points to a valid PFX, it is used. If missing and GenerateSelfSignedIfMissing=true, a self-signed PFX is created. With AllowUnencryptedClients=true (default), the server runs in mixed mode—TLS and plaintext clients connect on the same port.
Tls.Enabled=true · CertificatePath=certs/server.pfx · AllowUnencryptedClients=trueBackupDirectory (default backups, relative to DataDirectory) is used for all backup/restore/list/purge commands. BACKUP DATABASE <db> without a path creates a timestamped backup inside this directory. System snapshots are stored under BackupDirectory/systembackup.
Realtime.Enabled=true enables the WebSocket endpoint. Realtime.Port=0 means "main TCP port + 1" (e.g., 5433 → 5434). The default path is /ws/realtime. Event types include metrics.updated, schema.changed, and security.* events.
SecurityAudit.Enabled=true persists brute-force/security events for compliance auditing. RetentionDays (default 90) defines automatic pruning. Events include security.auth_failed, security.login_blocked, security.ip_blocked, and security.ip_unblocked.
Unencrypted databases always use journal_mode=WAL. EnableWalForEncryptedDatabases=true (default) enables WAL for encrypted databases too—faster on write-heavy workloads if your SQLite build supports WAL+encryption correctly. Set to false for the safer journal_mode=DELETE fallback.
Controls SQLite durability via PRAGMA synchronous. NORMAL (default): faster writes, last transactions may be lost on crash. FULL: stronger durability. EXTRA: maximum durability. OFF: fastest, no guarantees.
Standard SQLite SQL plus CoreNodeSQL extensions for database management, encryption, backup/restore, and scheduler operations.
CREATE DATABASE appdb;
DROP DATABASE appdb;
DROP DATABASE appdb WITH BACKUPS;DROP DATABASE keeps backups by default unless DeleteBackupsOnDrop=true or WITH BACKUPS is specified. The default database cannot be dropped.
ENCRYPT DATABASE appdb KEY MySecret;
ENCRYPT DATABASE appdb HEXKEY 4D79536563726574;
DECRYPT DATABASE appdb KEY MySecret;Converts existing plaintext databases to encrypted (or vice versa). The server performs strict verification after encryption/decryption. Admin permission required.
BACKUP DATABASE appdb TO appdb-backup.db;
BACKUP DATABASE appdb;
SHOW BACKUPS;
RESTORE DATABASE appdb FROM appdb-backup.db REPLACE;Backups are stored in the configured BackupDirectory. RESTORE verifies DatabaseId metadata; use FORCE for admin override on mismatched metadata.
USE appdb;
PRAGMA key='MySecret';
PRAGMA rekey='NewSecret';
PRAGMA key=''; -- clear runtime keySets the runtime encryption key for the current database session. Must be executed before first read on encrypted databases. Keys are stored in server memory only—never persisted to disk.
CREATE BACKUP SCHEDULE FOR appdb DAILY AT 00:00 ENABLED;
CREATE PRUNE SCHEDULE FOR appdb DAILY AT 21:00 RETENTION 5 DAYS ENABLED;
SHOW BACKUP SCHEDULES;
ALTER BACKUP SCHEDULE 1 DISABLE;
DROP PRUNE SCHEDULE 2;Automated backup and prune schedules executed in server local time. Supports hourly and daily intervals with configurable retention policies.
CREATE USER appuser PASSWORD 'secret';
GRANT readwrite ON appdb TO appuser;
GRANT readonly ON appdb TO viewer;
REVOKE ON appdb FROM appuser;Per-database permission grants with readonly, readwrite, and admin roles. Use least-privilege accounts for application users.
ADD DATABASE /srv/imports/app.db AS appdb;
ADD DATABASE IF NOT EXISTS /path/to/file.db;Imports an existing SQLite file into the server. The file is copied into the server's data directory and becomes immediately available for multi-client access.
PURGE BACKUPS OLDER THAN 30;Deletes backup files older than the specified number of days. Works within the configured BackupDirectory. Combine with prune schedules for fully automated retention.
Binary TCP protocol with 1-byte message type, big-endian length, and little-endian payload fields. Request IDs enable concurrent operations.
Client sends Hello first with requestId, protocolVersion, capabilities (flags), clientName, and clientVersion. Server replies with HelloAck including serverName, serverVersion, maxPayload, and capability flags.
Connect sends requestId, database, username, password. Server replies with ConnectAck containing sessionId, protocolVersion, and permission level. Disconnect gracefully closes the session.
Result sets are streamed using RowSetBegin (column names), RowSetRow (one row per message with typed values), and RowSetEnd. This bracketed streaming avoids buffering large result sets in memory.
PrepareStatement sends SQL text and receives PrepareAck with a statementId. ExecutePrepared references the statement by ID with a resultKind and parameters. CloseStatement releases server resources.
BatchExecute sends multiple commands in a single request, each with kind (NonQuery/Scalar), SQL, and parameters. Server returns BatchResult with per-item results: affectedRows for NonQuery or typed values for Scalar.
CancelRequest sends a targetRequestId to cancel an in-flight operation. Useful for long-running queries or streaming operations that need to be interrupted.
Admin-only message types: CreateDatabase, DropDatabase, ListDatabases, CreateUser, DropUser, GrantAccess, RevokeAccess, BackupDatabase, RestoreDatabase, CreateBackupSchedule, CreatePruneSchedule, GetServerStats, and more.
Values are typed: Null (no payload), Integer (int64 LE), Real (double LE), Text (length-prefixed UTF-8), Blob (length-prefixed raw bytes). Strings use int32 length + UTF-8 bytes; length -1 means null.
Native drivers with identical feature sets across C#, Java, C++, Python, and PHP. Each includes examples, tests, and PDO-like wrappers.
dotnet add package CoreNodeSQL.ClientADO.NET-compatible client with async/await, connection pooling, streaming, prepared statements, batch execution, and full admin API. Targets .NET 10. Use CoreNodeSQLConnection for the native API or the Microsoft.Data.Sqlite compatibility layer.
jdbc:corenodesql://127.0.0.1:5433/default?user=admin&password=secret&tls=trueStandard JDBC driver for DBeaver, Rider, and Java applications. Driver class: com.corenodesql.jdbc.CoreNodeSQLDriver. Supports TLS, certificate pinning, and encryption keys in the JDBC URL.
cmake -S . -B build && cmake --build build --config ReleaseC++17 implementation with optional OpenSSL TLS. Includes CoreNodeSQLConnection native API and CoreNodeSQLPDO wrapper. Prepared statements, streaming, admin operations, and comprehensive test suite included.
from corenodesql import CoreNodeSQLConnectionPure Python driver (no native dependencies). Python 3.8+ compatible. Includes CoreNodeSQLPDO wrapper, streaming, prepared statements, and admin DB methods. Comprehensive fullexample.py included.
require_once 'CoreNodeSQL.php';Pure PHP implementation (no extensions needed). PHP 7.4+ compatible. Includes CoreNodeSQLPDO wrapper, streaming, prepared statements, TLS, encryption key support, and admin operations.
Keep your existing using Microsoft.Data.Sqlite; code. Replace the Microsoft.Data.Sqlite package with CoreNodeSQL.Client and change the connection string from Data Source=./app.db to Host=127.0.0.1;Port=5433;Database=appdb;Username=appuser;Password=secret. Full compatibility for standard ADO.NET operations.
Settings are stored in data/_admin.db (server_settings table). On first start, defaults are persisted automatically. Configure via CoreNodeSQL.UI → Settings → Server.
BindAddress 0.0.0.0Port 5433MaxConnections 100MaxConcurrentRequests 16MaxReadConnections 16Tls.Enabled falseGenerateSelfSignedIfMissing trueAllowUnencryptedClients trueCertificatePath (PFX path)DataDirectory dataBackupDirectory backupsSynchronous NORMALEnableWalForEncryptedDatabases trueRealtime.Enabled trueRealtime.Path /ws/realtimeSecurityAudit.Enabled trueSecurityAudit.RetentionDays 90Keep your existing ADO.NET code. Just change the connection string.
| Feature | Status | Notes |
|---|---|---|
using Microsoft.Data.Sqlite |
Full | Same namespace exposed by compatibility layer |
| SqliteConnection basics | Full | Open, Close, ChangeDatabase for local & remote |
| Connection strings | Full | Auto-detects local SQLite vs remote CoreNodeSQL |
| SqliteCommand execution | Full | ExecuteNonQuery, ExecuteScalar, ExecuteReader |
| Parameters & AddWithValue | Full | Existing parameterized code works unchanged |
| SqliteDataReader getters | Full | GetInt32, GetString, etc. implemented |
| Transactions | Full | BeginTransaction, Commit, Rollback |
| Multi-result sets | Partial | Single result set only |
| Advanced features | No | Extensions, backup API, custom functions |
Select your platform and get started in minutes. All packages include the latest stable release.
Managed cloud databases charge per query, per GB, and per connection. CoreNodeSQL gives you full control — at a fixed, predictable cost.
From free community use to enterprise-wide deployment — pick the plan that fits your needs.
For evaluation and small projects
For professional teams and applications
For organizations with multiple servers
Redistribute CoreNodeSQL with your software
All prices exclude applicable taxes. Professional Edition includes perpetual license with 1 year of and support. Enterprise and OEM require active subscription.
This offer is exclusively directed at business customers within the meaning of Sect. 14 German Civil Code (BGB). — Dieses Angebot richtet sich ausschließlich an Unternehmer im Sinne des § 14 BGB.
Try CoreNodeSQL Professional with all features unlocked for 30 days. No credit card required.
Fill in your details and we will send your trial license within one business day.
CoreNodeSQL is a networked SQLite server that exposes SQLite databases over TCP for multi-client access. It adds authentication, role-based grants, TLS encryption, database-level encryption, automated backups, real-time monitoring, and native drivers for C#, Java, C++, C, Python, and PHP. Think of it as turning SQLite into a proper client-server database without changing your SQL.
The CoreNodeSQL Server runs on Windows 10/11, Windows Server 2019+, and Linux (Ubuntu 22.04+, Debian 12+, Raspberry Pi OS Bookworm+, x64 and arm64). The Desktop GUI and CLI are additionally available on macOS. Deploy as a Windows service (MSI), Linux systemd service, or Docker container.
Native binary protocol drivers are available for C#/.NET (NuGet package), Java (JDBC driver), C++ (CMake, C++17), C (CMake), Python (pure Python, 3.8+), and PHP. All drivers support the full feature set: queries, transactions, prepared statements, streaming, TLS, encryption keys, and admin operations.
Yes. The .NET client includes a Microsoft.Data.Sqlite compatibility layer. Remove the Microsoft.Data.Sqlite package reference, add CoreNodeSQL.Client instead, and keep your existing using Microsoft.Data.Sqlite; code. Change the connection string from Data Source=./data/app.db to Host=127.0.0.1;Port=5433;Database=appdb;Username=appuser;Password=secret and your code works against a networked CoreNodeSQL server.
CoreNodeSQL uses a custom SQLite fork that supports database-level encryption at rest. You can encrypt existing databases with ENCRYPT DATABASE db KEY secret, set runtime keys with PRAGMA key='secret', and manage encryption through the GUI. Keys are stored only in server memory and never persisted to disk - after a restart, keys must be provided again.
TLS can be enabled per server configuration. The server auto-generates a self-signed certificate if none is provided, or you can import a custom PFX. In mixed mode, both TLS and plaintext clients connect on the same port. Clients can trust all certs, pin specific thumbprints, or use CA verification.
CoreNodeSQL supports manual and scheduled backups. Create on-demand backups with BACKUP DATABASE db, set up hourly/daily backup schedules, configure prune schedules with retention policies, and restore with RESTORE DATABASE db FROM backup. System snapshots protect the admin database and security audit logs. All operations available via CLI, API, and GUI.
Yes. Use ADD DATABASE /path/to/file.db AS mydb to import an existing SQLite file into the server. The file is copied into the server's data directory and immediately available for multi-client access with all CoreNodeSQL features (authentication, grants, backups, encryption).
The default TCP port is 5433. The protocol is a compact binary format with 1-byte message type, 4-byte length header (big-endian), and little-endian payload fields. WebSocket realtime runs on port 5434 by default (configurable). The binary protocol is significantly more efficient than text-based protocols.
Yes. Multi-arch Docker images are available for linux-x64 and linux-arm64. Data persistence is mounted at /var/lib/corenodesql/data. The container runs with DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=1 on minimal Linux images without ICU packages.
Get in touch with our team to discuss licensing, enterprise support, and custom integration options.