The driver supports TLS/SSL encryption for all supported REST services.

To configure SSL encryption:

Important: The driver complies with FIPS when FIPS mode is enabled with the client JVM. See "FIPS (Federal Information Processing Standard)" for more information.
  • Configure the minimum properties required for a connection:
    • If you are using a Model file, set the Config property to provide the name and location of the Model file. For example, C:/path/to/myrest.rest.
    • If you are using the Sample property, set the Sample property to specify the endpoint that the want to connect to and sample. For example, https://example.com/countries/.
  • Set the PortNumber property to specify the port number of the server listener. The default is 443.
  • Set the EncryptionMethod property to SSL.
  • (Optional) Set the CryptoProtocolVersion property to specify acceptable cryptographic protocol versions (for example, TLSv1.2) supported by your server.
  • (Optional) Specify the location and password of the truststore file used for SSL server authentication. Either set the TrustStore and TrustStorePassword properties or their corresponding Java system properties (javax.net.ssl.trustStore and javax.net.ssl.trustStorePassword, respectively).
  • (Optional) To validate certificates sent by the database server, set the ValidateServerCertificate property to true.
  • (Optional) Set the HostNameInCertificate property to a host name to be used to validate the certificate. The HostNameInCertificate property provides additional security against man-in-the-middle (MITM) attacks by ensuring that the server the driver is connecting to is the server that was requested.
  • (Optional) If your database server is configured for SSL client authentication, configure your keystore information:
    • Specify the location and password of the keystore file. Either set the KeyStore and KeyStorePassword properties or their corresponding Java system properties (javax.net.ssl.keyStore and javax.net.ssl.keyStorePassword, respectively).
    • If any key entry in the keystore file is password-protected, set the KeyPassword property to the key password.

The following examples demonstrate the required properties for a session using TLS/SSL encryption with no authentication.

For a connection URL:

Connection conn = DriverManager.getConnection
  ("jdbc:datadirect:autorest:https://example.com/;Config=C:/path/to/myrest.rest;
         EncryptionMethod=SSL");

For a data source: 

AutoRESTDataSource mds = new AutoRESTDataSource();
mds.setDescription("My Autonomous REST Data Source");
mds.setConfig ("C:/path/to/myrest.rest");
mds.setEncryptionMethod("SSL");
mds.setServerName("https://example.com/");