ValidateServerCertificate
- Last Updated: March 6, 2025
- 1 minute read
- Hybrid Data Pipeline
- Version 4.6
- Documentation
Description
Determines whether the driver validates the certificate that is sent by the
database server when SSL encryption is enabled (EncryptionMethod=SSL). When using SSL server authentication, any
certificate that is sent by the server must be issued by a trusted Certificate
Authority (CA).
Valid values
true | false
Behavior
If set to true, the driver validates the
certificate that is sent by the database server. Any certificate from the server
must be issued by a trusted CA in the truststore file. If the HostNameInCertificate
property is specified, the driver also validates the certificate using a host name.
The HostNameInCertificate property is optional and provides additional security
against man-in-the-middle (MITM) attacks by ensuring that the server the driver is
connecting to is the server that was requested.
If set to false, the driver does not validate
the certificate that is sent by the database server. The driver ignores any
truststore information that is specified by the TrustStore and TrustStorePassword
properties or Java system properties.
Notes
- Truststore information is specified using the TrustStore and TrustStorePassword properties or by using Java system properties.
- Allowing the driver to trust any certificate that is returned from the server even if the issuer is not a trusted CA is useful in test environments because it eliminates the need to specify truststore information on each client in the test environment.
Default
true
Data type
String
See also
Using data encryption