Determines whether the connectivity service validates the certificate that is sent by the Hybrid Data Pipeline server when SSL encryption is enabled. When using SSL server authentication, any certificate sent by the Hybrid Data Pipeline server must be issued by a trusted Certificate Authority (CA). Disabling certificate validation reduces security by allowing man-in-the-middle (MITM) and other attacks. However, allowing the connectivity service to trust any certificate returned from the server even if the issuer is not a trusted CA is useful in test environments because it eliminates the need to specify trust store information on each client in the test environment.
Trust store information is specified using the Trust Store and Trust Store Password options.
Valid values
true | false
Behavior
If set to 1 (Enabled) or true, the connectivity service validates the certificate that is sent by the database server. Any certificate from the server must be issued by a trusted CA in the trust store file. If the Host Name In Certificate option is specified, the connectivity service also validates the certificate using a host name. The Host Name In Certificate option provides additional security against man-in-the-middle (MITM) attacks by ensuring that the server the connectivity service is connecting to is the server that was requested.
If set to 0 (Disabled) or false, the connectivity service does not validate the certificate that is sent by the database server. The connectivity service ignores any trust store information specified by the Trust Store and Trust Store Password options.