HADR_SSL_LABEL - Label name in the key file for encrypted communication between HADR primary and standby instances configuration parameter
This configuration parameter specifies the label of the Transport Layer Security (TLS) certificate that encrypts communication between primary and standby HADR instances in the key database.
- Configuration type
- Parameter type
- Configurable online1
- Default [range]
- NULL [certificate-label-name]
accepts a label name of up to 127 characters Specifying the HADR_SSL_LABEL
parameter indicates that you would like TLS communication between primary and standby HADR
instances. If an existing certificate expires and you specify a new label, existing encrypted
connections will use the old certificate but any new connections created after will use the new
db2 update database configuration for <database_name> using HADR_SSL_LABEL <label_name>
HADR_SSL_LABEL is currently supported on environments that do not use IBM® Db2® pureScale®. If you upgrade from Enterprise Server Edition (ESE) to Db2 pureScale while the HADR_SSL_LABEL is set, db2checkSD will return the error DBT5038N. Users should set the value to NULL before trying to upgrade to Db2 pureScale.