The following table summarizes connection properties which can be used in the implementation of SSL data encryption, including server and client authentication.

Table 1. Data Encryption Properties
Property Characteristic
CryptoProtocolVersion

Specifies a cryptographic protocol or comma-separated list of cryptographic protocols that can be used when TLS/SSL is enabled using the EncryptionMethod connection property.
EncryptionMethod

Determines whether data is encrypted and decrypted when transmitted over the network between the driver and database server.

The default is noEncryption.
HostNameInCertificate

Specifies a host name for certificate validation when SSL encryption is enabled (EncryptionMethod=SSL) and validation is enabled (ValidateServerCertificate=true). This property is optional and provides additional security against man-in-the-middle (MITM) attacks by ensuring that the server the driver is connecting to is the server that was requested.
KeyPassword

Specifies the password that is used to access the individual keys in the keystore file when SSL is enabled (EncryptionMethod=SSL) and SSL client authentication is enabled on the database server. This property is useful when individual keys in the keystore file have a different password than the keystore file.
KeyStore

Specifies the directory of the keystore file to be used when SSL is enabled (EncryptionMethod=SSL) and SSL client authentication is enabled on the database server. The keystore file contains the certificates that the client sends to the server in response to the server’s certificate request.
KeyStorePassword

Specifies the password that is used to access the keystore file when SSL is enabled (EncryptionMethod=SSL) and SSL client authentication is enabled on the database server. The keystore file contains the certificates that the client sends to the server in response to the server’s certificate request.
TrustStore

Specifies the directory of the truststore file to be used when SSL is enabled (EncryptionMethod=SSL) and server authentication is used. The truststore file contains a list of the Certificate Authorities (CAs) that the client trusts.
TrustStorePassword

Specifies the password that is used to access the truststore file when SSL is enabled (EncryptionMethod=SSL) and server authentication is used. The truststore file contains a list of the Certificate Authorities (CAs) that the client trusts.
ValidateServerCertificate

Determines whether the driver validates the certificate that is sent by the database server when SSL encryption is enabled (EncryptionMethod=SSL). When using SSL server authentication, any certificate that is sent by the server must be issued by a trusted Certificate Authority (CA).

The default is true.