IBM Support

Configuring ClearQuest connections for Oracle SSL-enabled server

Question & Answer


Question

How can you configure connections to an Oracle SSL-enabled database from IBM Rational ClearQuest?

Answer

Before configuring ClearQuest, ensure that the Oracle server with which ClearQuest will connect is SSL enabled.
 

To enable SSL connection for ClearQuest, add these parameters to the connect options for each database using the ClearQuest Maintenance tool or ClearQuest Designer as appropriate:



EXTRA_PARAMS='EncryptionMethod=1;ValidateServerCertificate=1;KeyPassword=kpwd;Keystore=klocation;TruststorePassword=tpwd;Truststore=tlocation;'


Description of the above connect options:

EncryptionMethod (EM)
The method the driver uses to encrypt data sent between the driver and the database server. If the specified encryption method is not supported by the database server, the connection fails and the driver returns an error.

ValidateServerCertificate
Determines whether the driver validates the certificate that is sent by the database server when SSL encryption is enabled.

Key Password
The password used to access the individual keys in the keystore file when SSL is enabled (Encryption Method=1) and SSL client authentication is enabled on the database server. Keys stored in a keystore can be individually password-protected. To extract the key from the keystore, the driver must have the password of the key.

Keystore
The name of the directory containing the keystore file to be used when SSL is enabled (Encryption Method=1) and SSL client authentication is enabled on the database server. The keystore file contains the certificates that the client sends to the server in response to the server’s certificate request. If you do not specify a directory, the current directory is used.

Truststore
The name of the directory containing the truststore file to be used when SSL is enabled (Encryption Method=1) and server authentication is used. The truststore file contains a list of the valid Certificate Authorities (CAs) that are trusted by the client machine for SSL server authentication. If you do not specify a directory, the current directory is used.


Truststore Password
The password that is used to access the truststore file when SSL is enabled (Encryption Method=1) and server authentication is used. The truststore file contains a list of the Certificate Authorities (CAs) that the client trusts.

For more usage information about the preceding connect options and other SSL related options, access the Progress DataDirect Connect website with the following link.

http://media.datadirect.com/download/docs/odbc/allodbc/help.html#page/userguide/rfi1363233725686.html

[{"Product":{"code":"SSSH5A","label":"Rational ClearQuest"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Database Configuration\/Connectivity - Oracle","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"7.1.1.7;7.1.2.4;8.0","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}},{"Product":{"code":"SSSH5A","label":"Rational ClearQuest"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Component":"Database Configuration\/Connectivity - Oracle","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"7.1.1.7;7.1.2.4;8.0","Edition":"All Editions","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
21 May 2020

UID

swg21566562