Try OpenEdge Now
skip to main content
SQL Development
JDBC Client : Connecting to an OpenEdge database with a JDBC driver : Enabling encryption : TrustStore and TrustStorePassword
 
TrustStore and TrustStorePassword
When using basic server authentication with SSL, the certificate returned by the server to the client must have been issued by a certifying authority that is trusted by the client for the SSL session to be established. Certifying authorities trusted by the client reside in an encrypted file called a trust store. Most if not all trust stores are password protected. The Java platform defines standard system properties for specifying the location of the trust store and the value of the trust store password. These properties are:
*javax.net.ssl.trustStore
*javax.net.ssl.trustStorePassword
These can be specified on the java command line as:
-Djavax.net.ssl.trustStore=C:\Certificates\MyTrustStore
-Djavax.net.ssl.trustStorePassword=myPassword
To enable the trust store and trust store password, the driver employs two connect options - trustStore and trustStorePassword. The value of the trustStore option is a pathname which specifies the location of the trust store file. The value of the trustStorePassword is the password required to access the contents of the trust store. The values specified for the trustStore and trustStorePassword connect options override any value specified by the corresponding Java system property. If a trustStore or trustStorePassword option is not specified, the driver recognizes any value specified for the corresponding system property.
The following table provides descriptions of the methods used to enable encryption in the driver.
Table 4. Encryption methods for the JDBC Driver
Encryption Methods
Description
setEncryptionMethod
Specifies the driver encryption method. The encryption method determines whether the driver encrypts and decrypts the data sent between the driver and the data server.
getEnvryptionMethod()
Returns the driver encryption method.
setValidateServerCertificate
Specifies whether the driver will validate the server certificate returned by the database server.
getValidateServerCertificate ()
Returns whether the driver will validate the server certificate returned by the database server.
setHostNameCertificate
Specifies the name the driver will use to compare with the certificate common name returned by the database server during SSL session establishment.
getHostNameCertificate
Returns the name the driver will use to compare with the certificate common name returned by the database server.
setTrustStore
Specifies the full path to the trust store file which contains the certificate authorities trusted by the driver.
getTrustStore ()
Returns the path to the trust store.
setTrustStorePassword
Specifies the password used to gain access to the trust store.
getTrustStorePassword
Returns the trust store password.