Configuring the IBM Data Server Driver for JDBC and SQLJ to use RACF key rings for SSL certificates
For an IBM Data Server Driver for JDBC and SQLJ connection that uses SSL, you can use RACF key rings to store server certificates for SSL connections.
Before you begin
Configure connections under the IBM Data Server Driver for JDBC and SQLJ to use SSL.
Procedure
Examples
The following examples assume that you have specified the JVM system property java.protocol.handler.pkgs as a JVM argument:
-Djava.protocol.handler.pkgs=com.ibm.crypto.provider- Configuring the driver to use RACF key rings for SSL certificates using the
DataSource
interface:
com.ibm.db2.jcc.DB2SimpleDataSource ds = new com.ibm.db2.jcc.DB2SimpleDataSource(); ds.setDriverType(4); ds.setDatabaseName("DBNAME"); ds.setServerName("host"); ds.setPortNumber(448); ds.setUser("dbuser"); ds.setPassword("dbpassword"); ds.setSSLConnection (true); // enable SSLds.setSSLTrustStoreType ("JCERACFKS"); // use JCERACFKS type oftruststoreds.setSslTrustStoreLocation (safkeyring://racf-id/ring-id); // URL to the RACF key ring store ds.setSslTrustStorePassword("password"); // Password to the RACF key ring: // Must be "password" storejava.sql.Connection con = ds.getConnection (); - Configuring the driver to use RACF key rings for SSL certificates using the
DriverManager
interface:
String connectionUrl = "jdbc:db2://host:448/DBNAME:" + "sslConnection=true;" + "sslTrustStoreType=JCERACFKS;" + "sslTrustStoreLocation=safkeyring: //<racfid>/<ringid>;"+ "sslTrustStorePassword=password"; java.sql.Connection con = DriverManager.getConnection (connectionURL, "dbuser","dbpassword");