The driver’s TLS/SSL communication layer is implemented through its SQL Engine component. Because the SQL Engine is Java based, the keystore/truststore files used for TLS/SSL encryption must be in the following Java compatible formats:

  • Java Keystore (JKS) contains a collection of certificates. Each entry is identified by an alias. The value of each entry is a certificate and the certificate’s private key. Each keystore entry can have the same password as the keystore password or a different password. If a keystore entry has a password different than the keystore password, using the driver's Key Password (KeyPassword) connection option, the driver must provide this password to unlock the entry and gain access to the certificate and its private key.
  • PKCS #12 keystores/truststores. To gain access to the certificate and its private key, the driver must provide the keystore/truststore password. The file extension of the keystore must be .pfx or .p12.