SSLClientKeystoredb IBM data server driver configuration keyword
Specifies the Secure Socket Layer (SSL) keystore database file that is used for an SSL connection with or without the CERTIFICATE authentication.
- Equivalent CLI keyword
- SSLClientKeystoredb
- Equivalent IBM® data server provider for .NET connection string keyword
- SSLClientKeystoredb
- IBM data server driver configuration file (db2dsdriver.cfg) syntax
<parameter name="SSLClientKeystoredb" value="fully_qualified_path_of_the_key_database_file"/>- Default setting:
- None
- Usage notes:
The SSLClientKeystoredb keyword can be specified when the security CLI keyword or the SecurityTransportMode IBM data server driver configuration keyword is set to SSL. You must specify either the SSLClientKeystash keyword or the SSLClientKeystoreDBPassword keyword with the SSLClientKeystoredb keyword. The SSLClientKeystash and SSLClientKeyStoreDBPassword keywords are mutually exclusive.
The SSLClientKeystash or SSLClientKeyStoreDBPassword keyword can be specified with the SSLClientKeystoredb and SecurityTransportMode keywords in the main
You can use the SSLClientKeystoredb keyword to specify the fully qualified path of the keystore database file (<parameters>section to have global effect or in individual<dsn>or<database>section for specific database connection. However, all SSL-related parameters (the SSLClientKeystash or SSLClientKeyStoreDBPassword keyword with the SSLClientKeystoredb and SecurityTransportMode keywords) must be set in a same section..kdb).The keystore database stores the certificate. The certificate can be either self-signed certificate from a server or signed by a trusted certificate authority.
If you do not set the SSLClientKeystoredb keyword when the SSL protocol is specified with the security CLI keyword or the SecurityTransportMode IBM data server driver configuration keyword, the CLI driver and the IBM Data Server Provider for .NET use the internally generated unique default keystore database.