User guide
5.1.2 Server SSL Configuration
An SSL-enabled server must also be provided with SSL configuration information. This is
usually provided within the server section for the named server in an XML-based
configuration file.
To indicate that the server should be SSL-enabled, the server must be defined as one of the
following SSL server types:
RdbThinSrvSSL
RdbThinSrvMPSSL
RdbThinSrvPoolSSL
Example
<server
name="MYSSL"
type="RdbThinSrvSSL"
ssl.default="false"
ssl.context="TLS"
ssl.keyManagerFactory="SunX509"
ssl.keyStoreType="jks"
ssl.keyStore="rdbjdbcsrv.kst"
ssl.keyStorePassword="CHANGETHIS"
ssl.trustStore="rdbjdbcsrv.kst"
ssl.trustStorePassword="CHANGETHIS"
/>
If you wish to define a number of SSL-enabled servers with the same SSL characteristics,
then you can use the special DEFAULTSSL server definition to define the default
characteristics. Each subsequent server definition that has one of the SSL server types will
use these characteristics, unless explicitly overridden in the server definition.
<server
name="DEFAULTSSL"
type="RdbThinSrvSSL"
ssl.default="false"
ssl.context="TLS"
ssl.keyManagerFactory="SunX509"
ssl.keyStoreType="jks"
ssl.keyStore="rdbjdbcsrv.kst"
ssl.keyStorePassword="CHANGETHIS"
ssl.trustStore="rdbjdbcsrv.kst"
ssl.trustStorePassword="CHANGETHIS"
/>
58