Configuring TLS 1.3 on DB2 during runtime

You can configure TLS 1.3 for a secure connection between Sterling B2B Integrator and DB2 during runtime.

Minimum Requirements

The following minimum requirements must be met to enable TLS 1.3:

DB2 v11.5.8 or later.
Ensure TLS 1.3 specific Cipher Suite are enabled. For more information, see Supported cipher specifications at the server.

Note: Always ensure that you have the latest JDBC driver that is compatible with the DB2 available. For more information, see DB2 JDBC Driver Versions and Downloads. An existing JDBC driver may not be compatible with the DB2.

Procedure

For a Helm installation, you can configure the SSL option by adding the following attributes in the values.yaml file available in ibm-b2bi-prod chart.


dbPort: <DB2 SSL Port>. Mandatory.
usessl: true. Mandatory.
dbTruststore. Trust store file name(.jks file). Mandatory.
TLS_VERSION: TLSv1.3

Note:

Make sure to add the .jks file in the filesystem directory present on the host machine mapped to /ibm/resources/ using pv (Persistent Volume).
Modify the database 'secret' with the DB_TRUSTSTORE_PASSWORD.

Run the following command for the above changes to take effect:


helm upgrade <release_name> <path to ibm-b2bi-prod chart>

Where, <release_name> refers to the current release where the changes are done.