skip to main content
Using the Driver : Using Connection Properties : Data Encryption Properties
  

Try DataDirect Drivers Now

Data Encryption Properties

The following table summarizes connection properties which can be used in the implementation of SSL data encryption, including server and client authentication.
Table 10. Data Encryption Properties
Property
Characteristic
Specifies a cryptographic protocol or comma-separated list of cryptographic protocols that can be used when SSL is enabled (EncryptionMethod=SSL).
The default is determined by the settings of the JRE.
Determines whether data is encrypted and decrypted when transmitted over the network between the driver and database server.
If set to noEncryption, data is not encrypted or decrypted.
If set to SSL, data is encrypted using SSL. If the database server does not support SSL, the connection fails and the driver throws an exception.
If set to requestSSL, the login request and data is encrypted using SSL. If the database server does not support SSL, the driver establishes an unencrypted connection.
Note: Enabling SSL EncryptionMethod=SSL and Transport mode (TransportMode=http) configures the driver to use HTTPS end points instead of HTTP end points.
The default is noEncryption.
Specifies a host name for certificate validation when SSL encryption is enabled (EncryptionMethod=SSL) and validation is enabled (ValidateServerCertificate=true). This property is optional and provides additional security against man-in-the-middle (MITM) attacks by ensuring that the server the driver is connecting to is the server that was requested.
Specifies the password that is used to access the individual keys in the keystore file when SSL is enabled (EncryptionMethod=SSL) and SSL client authentication is enabled on the database server. This property is useful when individual keys in the keystore file have a different password than the keystore file.
Specifies the directory of the keystore file to be used when SSL is enabled (EncryptionMethod=SSL) and SSL client authentication is enabled on the database server. The keystore file contains the certificates that the client sends to the server in response to the server’s certificate request.
Specifies the password that is used to access the keystore file when SSL is enabled (EncryptionMethod=SSL) and SSL client authentication is enabled on the database server. The keystore file contains the certificates that the client sends to the server in response to the server’s certificate request.
Specifies the directory of the truststore file to be used when SSL is enabled (EncryptionMethod=SSL) and server authentication is used. The truststore file contains a list of the Certificate Authorities (CAs) that the client trusts.
Specifies the password that is used to access the truststore file when SSL is enabled (EncryptionMethod=SSL) and server authentication is used. The truststore file contains a list of the Certificate Authorities (CAs) that the client trusts.
Determines whether the driver validates the certificate that is sent by the database server when SSL encryption is enabled (EncryptionMethod=SSL). When using SSL server authentication, any certificate that is sent by the server must be issued by a trusted Certificate Authority (CA).
The default is true.