srvcon_auth - Authentication type for incoming connections at the server configuration parameter
This parameter specifies how and where user authentication is to take place when handling incoming connections at the server; it is used to override the current authentication type.
Important: The SERVER_ENCRYPT and SERVER_ENCRYPT_AES
authentication types are deprecated and disabled in strict FIPS mode. For more information on the
deprecation, see Authentication
methods for your server.
- Configuration type
- Database manager
- Applies to
-
- Database server with local and remote clients
- Database server with local clients
- Partitioned database server with local and remote clients
- Parameter type
- Configurable
- Default [range]
- NOT_SPECIFIED [NOT_SPECIFIED; SERVER; SERVER_ENCRYPT; KERBEROS; KRB_SERVER_ENCRYPT; GSSPLUGIN; GSS_SERVER_ENCRYPT; SERVER_ENCRYPT_TOKEN; KERBEROS_TOKEN; GSSPLUGIN_TOKEN; KRB_SVR_ENC_TOKEN; GSS_SVR_ENC_TOKEN;]
If a value is not specified, Db2® uses the value of the authentication database manager configuration parameter.
For a description of each authentication type, see authentication - Authentication type configuration parameter
and Authentication methods for your server.
Note: When
a connection is established by using TLS, clients that are cataloged with the SERVER authentication
type are able to connect to servers that are configured with the SERVER_ENCRYPT authentication type.
This applies to all authentication types containing SERVER_ENCRYPT:
- SERVER_ENCRYPT
- SERVER_ENCRYPT_TOKEN
- KRB_SERVER_ENCRYPT
- KRB_SVR_ENC_TOKEN
- GSS_SERVER_ENCRYPT
- GSS_SVR_ENC_TOKEN