All communication between the driver and the Hybrid Data Pipeline server, including user IDs and passwords, is encrypted using TLS. The driver uses OpenSSL 3.0 to implement TLS protocols. In addition, the driver supports the Federal Information Processing Standard or FIPS (140-2), regarding cryptographic module security requirements. The following table shows the connection options that may be used to configure data encryption.

Important: When TLS/SSL is enabled for communication between an ODBC client application and Hybrid Data Pipeline, the server certificate must be encrypted with an OpenSSL 3.0-compliant cryptographic algorithm.
Connection Option Description
Encryption Method Specifies whether the driver encrypts data sent between the driver and the Hybrid Data Pipeline connectivity service.
Enable FIPS Determines whether the OpenSSL library uses cryptographic algorithms from the FIPS provider or the default provider.
Crypto Protocol Version Specifies a comma-separated list of the cryptographic protocols to use when SSL is enabled using the Encryption Method connection option (EncryptionMethod=1). When multiple protocols are specified, the driver uses the highest version supported by Hybrid Data Pipeline.
Validate Server Certificate Determines whether the connectivity service validates the certificate that is sent by the Hybrid Data Pipeline server when SSL encryption is enabled.
Trust Store The location of the trust store file that contains a list of the valid Certificate Authorities (CAs) that are trusted by the client machine for SSL server authentication.
Trust Store Password The password that is used to access the trust store file when server authentication is used. The trust store file contains a list of the Certificate Authorities (CAs) that the client trusts.
Host Name In Certificate A host name that is validated against the information stored in an SSL certificate when validation is enabled (ValidateServerCertificate=1)