SSLClientKeystoredb CLI/ODBC configuration keyword
Specifies the Secure Socket Layer (SSL) keystore database file that is used for an SSL connection with or without the CERTIFICATE authentication.
- db2cli.ini keyword syntax:
- SSLClientKeystoredb = "<fully qualified key file path>"
- Default setting:
- None.
- Usage notes:
-
The SSLClientKeystoredb keyword can be specified when the security CLI keyword is set to SSL. You can use the SSLClientKeystoredb keyword to specify the fully qualified path of the keystore database file (
.kdb). You must specify either the SSLClientKeystash keyword or the SSLClientKeystoreDBPassword keyword with the SSLClientKeystoredb keyword. The SSLClientKeystash and SSLClientKeyStoreDBPassword keywords are mutually exclusive.The keystore database stores the certificate. The certificate can be either self-signed certificate from a server or signed by a trusted certificate authority.
The SSLClientKeystoredb keyword can be set in the
[Data Source]section of thedb2cli.inifile, or in a connection string.If you do not set the SSLClientKeystoredb keyword when the SSL protocol is specified with the security CLI keyword, the CLI driver uses the internally generated unique default in-memory keystore database. The in-memory keystore database functionality is available from GSKit 8.0.50.51 onwards.