Progress DataDirect for ODBC for Db2 Wire Protocol Driver User's Guide Release 8.0.2

Trust Store

Save PDF

Table of Contents

Trust Store

Save PDF

Last Updated: May 26, 2023
2 minute read

DataDirect Connectors
ODBC
IBM Db2 8.0
Documentation

Attribute

Truststore (TS)

Purpose

Specifies either the path and file name of the truststore file or the contents of the TLS/SSL certificates to be used when SSL is enabled (Encryption Method=1) and server authentication is used.

Valid Values

truststore_directory\filename | data://-----BEGIN CERTIFICATE-----certificate_content-----END CERTIFICATE-----

where:

truststore_directory: is the path to the directory where the truststore file is located.
filename: is the file name of the truststore file.
certificate_content: is the content of the TLS/SSL certificate.

Notes

Warning: If you are distributing the driver with your application, you must prevent your end users from setting the value for the Truststore option. The Truststore option provides a method for you to specify a truststore library file used for TLS/SSL encryption. However, if exposed, the option can be used to specify files that execute malicious or undesirable code. Refer to Security best practices for ODBC applications in the Progress DataDirect for ODBC Drivers Reference for more information.
The value specified for this option should be an absolute path to a mounted drive.
If you do not specify the path to the directory that contains the truststore file, the current directory is used for authentication.
The keystore and truststore files may be the same file.
When specifying content for multiple certificates, specify the content of each certificate between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----. For example:
```
-----BEGIN CERTIFICATE-----certificatecontent1-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----certificatecontent2-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----certificatecontent3-----END CERTIFICATE-----
```
Note that the number of dashes (-----) must be the same before and after both BEGIN CERTIFICATE and END CERTIFICATE.
When specifying the certificate content for authentication, do not specify the truststore password. Since the truststore file is not required to be stored on the disk when the certificate content is specified directly, the driver need not unlock its contents.

Default

No default values

GUI Tab

Security tab