Encrypting data transferred between an application and database is recommended--even if both reside behind your firewall. DataDirect for JDBC drivers, with a few exceptions, support encrypting data transferred to or from a database using TLS/SSL encryption.

When using TLS/SSL encrypted connections, you should always validate the certificate received from the database server. You can enable certificate validation by setting the ValidateServerCertificate property to true (enabled), which is the default. Note that the ValidateServerCertificate connection property should only be disabled (ValidateServerCertificate=false) when debugging a connection issue to a TLS/SSL enabled database.

To validate the certificate supplied by the server, you must specify the CA Certificate of the Certificate Authority that issues the TLS/SSL certificate using the TrustStore connection property. However, when using self-signed certificates, configure the TrustStore property to specify the self-signed certificate. Note that self-signed certificates are not recommended in production deployments.

Refer to the user's guide for your driver for more information on configuring TLS/SSL encryption.