The SSL protocol support in CLPPlus
Starting in Fix Pack 7, you can establish SSL connections in the CLPPlus interface with use of the SecurityTransportMode keyword.
The IBM® data server driver configuration file is an XML file that contains a list of DSN aliases, database directory information, and their properties. If the DSN alias or database entry contains the SecurityTransportMode parameter value that is set to SSL, the SSL protocol is used in CLPPlus connections to the server. If the SecurityTransportMode parameter value is set to SSL and the SSL connection requires the use of self-signed certificate on the server, you can copy the certificate to the client and set the SSLServerCertificate parameter to the absolute path and name of the certificate. For more information, see the Supported IBM data server driver configuration keyword topic.
The SSL CLPPlus connections are implemented by the JDBC driver that uses the Java™ SSL APIs and it does not use the IBM Global Security Kit (GSKit) libraries.
Examples
<configuration>
<dsncollection>
<dsn alias="S" name="SAMPLE" host="9.121.221.159" port="50001">
</dsn>
</dsncollection>
<databases>
<database name="SAMPLE" host="9.121.221.159" port="50001">
<parameter name="SecurityTransportMode" value="SSL"/>
</database>
</databases>
</configuration> The following example shows a connection being established with the contents of the IBM data server driver configuration file, which includes the SecurityTransportMode parameter value.
C:\>clpplus
CLPPlus: Version 1.1
Copyright (c) 2009, IBM CORPORATION. All rights reserved.
SQL> connect
Enter DATABASE NAME [SAMPLE]: S
Enter ID [john] :
Enter Password: ********
Database Connection Information
-------------------------------
Hostname = 9.121.221.159
Database server = DB2/XXXXXXXXX SQL10055
SQL authorization ID = john
Local database alias = S
Port = 50001
SQL>