skip to main content
Using the Driver : Data Encryption : SSL Encryption : Summary of Data Encryption Options
  

Try DataDirect Drivers Now
Summary of Data Encryption Options
The following table summarizes how security-related connection options work with the drivers. See "Connection Option Descriptions" for details about configuring the options.
Table 9. Summary: Security Connection Options
Option
Description
Specifies a comma-separated list of the cryptographic protocols to use when accessing an HTTPS endpoints. When multiple protocols are specified, the driver uses the highest version supported by the server.
Default: TLSv1.2, TLSv1.1, TLSv1
A host name for certificate validation when SSL encryption is enabled (Encryption Method=1) and validation is enabled (Validate Server Certificate=1). This option provides additional security against man-in-the-middle (MITM) attacks by ensuring that the server the driver is connecting to is the server that was requested.
Default: None
The password used to access the individual keys in the keystore file when accessing an HTTPS endpoint and SSL client authentication is enabled for the REST service. Keys stored in a keystore can be individually password-protected. To extract the key from the keystore, the driver must have the password of the key.
Default: None
The fully qualified path and file name of the keystore file to be used when accessing an HTTPS endpoint and SSL client authentication is enabled for the REST service. The keystore file contains the certificates that the client sends to the server in response to the server’s certificate request. If you do not specify a directory, the current directory is used.
Default: None
The password used to access the keystore file when accessing an HTTPS endpoint and SSL client authentication is enabled on the database server. The keystore file contains the certificates that the client sends to the server in response to the server’s certificate request.
Default: None
The directory that contains the truststore file and the truststore file name to be used when accessing an HTTPS endpoint and server authentication is used. The truststore file contains a list of the valid Certificate Authorities (CAs) that are trusted by the client machine for SSL server authentication. If you do not specify a directory, the current directory is used.
Default: None
The password that is used to access the truststore file when accessing an HTTPS endpoint and server authentication is used. The truststore file contains a list of the Certificate Authorities (CAs) that the client trusts.
Default: None
Determines whether the driver validates the certificate that is sent by the database server when SSL encryption is enabled (Encryption Method=1). When using SSL server authentication, any certificate sent by the server must be issued by a trusted Certificate Authority (CA). Allowing the driver to trust any certificate returned from the server even if the issuer is not a trusted CA is useful in test environments because it eliminates the need to specify truststore information on each client in the test environment.
Default: 1 (Enabled)