Is ssl protocol supported for jdbc ( db2 ) ?
Hi,
Our security team is mentioning SSL communication in conjunction with our DB2 databases, so I'm thinking that SSL may be required at some point down the road. I tried searching these fora for variations of "SSL JDBC database connection" with no clear result.
This article SSL and JDBC describes the mechanics of configuring the DB2 server and DB2 client. In its example verification it shows an explicit setting of a property:
So, I'm guessing that the Jazz application won't magically work if the JDBC points to an SSL enabled database.
Our security team is mentioning SSL communication in conjunction with our DB2 databases, so I'm thinking that SSL may be required at some point down the road. I tried searching these fora for variations of "SSL JDBC database connection" with no clear result.
This article SSL and JDBC describes the mechanics of configuring the DB2 server and DB2 client. In its example verification it shows an explicit setting of a property:
java.util.Properties properties = new java.util.Properties();
properties.put("user", "enter user name");
properties.put("password", "enter password");
properties.put("sslConnection", "true");
Later those properties are used in the creation of the connection:
try
{
System.out.println("url: " + url);
con = java.sql.DriverManager.getConnection(url, properties);
java.sql.Statement s2 = con.createStatement();
JDBC uri _may_ recognize other properties besides user,password, but I've not located documentation yet.
So, I'm guessing that the Jazz application won't magically work if the JDBC points to an SSL enabled database.
One answer
Hi Kevin,
While CLM does not support this configuration currently (there is no place to define the "sslConnection" JDBC property as far as I can see), you should be able to implement it by using JDBC data source in WebSphere Application Server - CLM supports using JDBC data source but it seems that only few users choose this option. See below post in developerWorks for a similar scenario.
https://www.ibm.com/developerworks/community/forums/html/topic?id=38ee2f3f-3037-4760-9c5b-4019c586acae
While CLM does not support this configuration currently (there is no place to define the "sslConnection" JDBC property as far as I can see), you should be able to implement it by using JDBC data source in WebSphere Application Server - CLM supports using JDBC data source but it seems that only few users choose this option. See below post in developerWorks for a similar scenario.
https://www.ibm.com/developerworks/community/forums/html/topic?id=38ee2f3f-3037-4760-9c5b-4019c586acae
Comments
Kevin Ramer
Oct 08 '14, 10:42 a.m.Found reference to sslConnection in DB2 doc under JDBC Properties:
So, I guess in theory ssl connection could be used.Francesco Chiossi
Oct 09 '14, 4:31 a.m.Hello Kevin,
what is the business need to encrypt the connection between the application and the DB?
I see a possible concern in the performance area.
Wouldn't be more effective to have the communication between the application server and the database going in a secured section of the network?
Best Regards,
Francesco Chiossi
Kevin Ramer
Oct 09 '14, 8:31 a.m.Currently, none. But my security focal was inquiring about SSL configuration on DB2 as part of our periodic health checks, so I'm thinking it's only a matter of time.
Our physical arrangement is likely such that we could setup a private network between the LPAR providing db2 and the 2 LPAR hosting our CLM applications.