This configuration parameter specifies the key file to be used for SSL connection at the client-side.
This parameter specifies a fully qualified file path for the key file; or, on Windows only, the keyword GSK_MS_CERTIFICATE_STORE to use the Microsoft Windows Certificate Store.
The SSL key file has extension .kbd by default, and stores the signer certificate from the servers personal certificate. For a self-signed server personal certificate, the signer certificate is the public key. For a certificate authority signed server personal certificate, the signer certificate is the root CA certificate. The key file is accessed by the client to verify the servers personal certificate during the SSL handshake.
By default, the value is null. Depending on your application type, you should specify the client SSL key file path by the database manager configuration parameter ssl_clnt_keydb, the connection string ssl_clnt_keydb, or the db2cli.ini and db2dsdriver.cfg keyword SSLClientKeystoredb for a SSL connection request. If none of them is specified, the SSL connection fails.