TLS/SSL Encryption
- Last Updated: April 25, 2024
- 1 minute read
- DataDirect Connectors
- ODBC
- Cloudera Impala 7.1
- dBase 7.1
- Flat files/Text 7.1
- MySQL 7.1
- Pervasive (Btrieve) 7.1
- XML 7.1
- Documentation
TLS/SSL encryption is available in the following DataDirect Connect Series for ODBC drivers:
- Greenplum Wire Protocol
- Impala Wire Protocol
- Progress OpenEdge Wire Protocol
- Sybase Wire Protocol
TLS/SSL works by allowing the client and server to send each other encrypted
data that only they can decrypt. TLS/SSL negotiates the terms of the encryption in a sequence
of events known as the handshake. During the handshake, the driver
negotiates the highest TLS/SSL protocol available. The result of this negotiation determines
the encryption cipher suite to be used for the TLS/SSL session. The drivers support the
following protocols using OpenSSL cipher suites:
- TLSv v1.0, v1.1, v1.2
The encryption cipher suite defines the type of encryption that is used for any data exchanged through a TLS/SSL connection. Some cipher suites are very secure and, therefore, require more time and resources to encrypt and decrypt data, while others provide less security, but are also less resource intensive.
Refer to SSL encryption cipher suites in the Progress DataDirect for ODBC Drivers Reference for a list of the encryption cipher suites supported by the drivers.
The handshake involves the following types of authentication:
- TLS/SSL server authentication requires the server to authenticate itself to the client.
- TLS/SSL client authentication is optional and requires the client to authenticate itself to the server after the server has authenticated itself to the client. Not all databases support TLS/SSL client authentication.