Support and certification

Visit the following web pages for the latest support and certification information.

Changes Since 6.0.0 GA

  • Enhancements
    • The driver has been enhanced to comply with FIPS standards for data encryption. As part of this enhancement, the driver was tested with FIPS 140-3 enabled using a Red Hat OpenJDK 21 on a Red Hat Universal Base Image 9 instance. See FIPS (Federal Information Processing Standard) for details.
  • Changed Behavior
    • The connection property SpyAttributes has been updated to exclude the attribute load=classname, which was previously used to load the driver specified by the given class name. See SpyAttributes for details.

Changes for 6.0.0 GA

  • Driver Enhancements
    • The driver has been enhanced to support the TLSv1.3 cryptographic protocol. As part of this enhancement, the default cryptographic protocol enabled by the driver has been updated to TLSv1.3. See CryptoProtocolVersion for more information.
    • The driver has been enhanced to support the Generic Security Standard (GSS) plug-in for authentication. The plug-in consists of a set of APIs that you can implement to customize your authentication requirements and interoperate with various security methods. You can configure a GSS plug-in using the refreshed AuthenticationMethod property and the new GSSPluginName and GSSPluginObject properties. For details, see GSS plug-in authentication.
    • The driver has been enhanced to support connecting to a proxy server through an HTTP connection. HTTP proxy support is configurable with the new ProxyHost, ProxyMode, ProxyPassword, ProxyPort, and ProxyUser connection properties. For details, see Proxy server.
    • The KeepAlive connection property has been added to the driver. Enabling the KeepAlive property allows the client to keep idle TCP connections active by periodically passing packets to the server. For details, see KeepAlive.
    • The driver has been enhanced to support Windows Defender Credential Guard when using Kerberos Authentication. For details, see Kerberos authentication
    • The driver has been enhanced to include timestamp in the Spy and JDBC packet logs by default. If required, you can disable the timestamp logging by specifying the following at connection: For Spy logs, set spyAttributes=(log=(file)Spy.log;timestamp=no) and for JDBC packet logs, set ddtdbg.ProtocolTraceShowTime=false.
    • Interactive SQL is now installed with the product. Interactive SQL is a command-line interface that supports connecting your driver to a data source, executing SQL statements and retrieving results in a terminal. This tool provides a method to quickly test your drivers in an environment that does not support GUIs. See Interactive SQL for details.
    • The RegisterStatementPoolMonitorMBean connection property has been added. Note that the driver no longer registers the Statement Pool Monitor as a JMX MBean by default. You must set RegisterStatementPoolMonitorMBean to true to register the Statement Pool Monitor and manage statement pooling with standard JMX API calls. See RegisterStatementPoolMonitorMBean for details.
    • The driver has been enhanced to support cursor type OUT parameters for Db2 for Linux, UNIX, Windows stored procedures. For details, see Db2 for Linux, UNIX, Windows stored procedure cursor type OUT parameters.
  • Changed Behavior
    • The TLSv1.1 and TLSv1.0 cryptographic protocols are now disabled by default. These protocols are no longer considered secure and, therefore, are no longer recommended for use. However, the driver still supports TLSv1.1 and TLSv1.0 for legacy servers that do not support more secure protocols. See CryptoProtocolVersion for more information.
    • The SSLv3 and SSLv2 cryptographic protocols are no longer supported.
    • For Kerberos authentication, the driver no longer sets the java.security.krb5.conf system property to force the use of the krb5.conf file installed with the driver jar files in the /lib directory of the product installation directory. For details, see Kerberos authentication.
    • For Db2 for z/OS, the AlternateID connection property has been modified to set the name of the schema in the DB2 CURRENT SCHEMA special register instead of the DB2 CURRENT SQLID special register. AlternateID now sets the name of the schema in the CURRENT SCHEMA special register for Db2 for i, Db2 for Linux/UNIX/Windows, and Db2 for z/OS. For details, see AlternateID.