SSL Connection Over JDBC for DB2
Create Certificate
The steps demonstrated here are performed on a Windows DB2 machine version 11.5.
Before proceeding, ensure that GSKit lib is added to the PATH variable.
Create a key database and configure your digital certificates.
Add the certificate for the server to the key database.
Extract the certificate to a file.
Set up SSL support.
Add the SSL to the DB2COMM registry variable.
Note
Replace db2inst with your db2 instance.
Restart DB2 instance.
Verify the SSL parameter.
Upload Certificate
The CA certificate can be uploaded through the CipherTrust Manager's REST interface or GUI.
CipherTrust Manager's UI
Log on to the CipherTrust Manager GUI.
Click Database Protection to open the application. The Databases screen displays the list of existing database connections, if any.
In the left pane, click Database Certificates and enter the following details.
Field Description Name Unique name for certificate. Certificate Content of the cert.txt
file in .PEM format.Click Upload.
The SSL setup is complete. You can now create database connection over SSL.
CipherTrust Manager's Rest interface
Open the CipherTrust Manager URL in a browser. The login page is displayed.
On the login page, click the API & CLI Documentation link. The API playground is displayed in the right.
Click Authenticate.
Enter username, password, domain, and click POST. The default domain is
root
.In the left pane, click CDP > Database.
Click Upload - post. The Upload - post section is displayed on the right.
In the body field, paste the CA certificate in the
.pem
format as shown below.Click POST.
Select SSL
On the DB2 Database Configuration page, select the Protocol as SSL.