TrustStore and TrustStorePassword

When using basic server authentication with TLS, the TLS session is established only if the certificate returned by the server to the client was issued by a certifying authority that the client trusts. Certifying authorities trusted by the client reside in an encrypted file called a trust store. Most, if not all, trust stores are password protected. The Java platform defines standard system properties for specifying the location of the trust store and the value of the trust store password. These properties are:

  • javax.net.ssl.trustStore
  • javax.net.ssl.trustStorePassword

These can be specified on the java command line as:

-Djavax.net.ssl.trustStore=C:\Certificates\MyTrustStore

-Djavax.net.ssl.trustStorePassword=myPassword

To specify the trust store and trust store password, the driver provides two connect options: trustStore and trustStorePassword. The value of the trustStore option is a pathname that specifies the location of the trust store file. The value of the trustStorePassword option is the password required to access the contents of the trust store. The values specified for the trustStore and trustStorePassword connect options override any value specified by the corresponding Java system property. If a trustStore or trustStorePassword option is not specified, the driver uses any value specified for the corresponding system property.
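
An added example, not part of the driver or its documentation: a pre-flight check in plain Java that applies the precedence described above (connect option first, then the system property), opens the trust store with the resolved password, and lists the trusted CA certificates. The class name TrustStoreCheck and the use of command-line arguments to stand in for the connect options are assumptions made for illustration.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Properties;

public class TrustStoreCheck {  // hypothetical class name

    // A connect option wins; otherwise fall back to the Java system property.
    static String resolve(Properties connectOptions, String option, String systemProperty) {
        String value = connectOptions.getProperty(option);
        return (value != null && !value.isEmpty()) ? value : System.getProperty(systemProperty);
    }

    public static void main(String[] args) throws Exception {
        // Assumption: args[0] and args[1] stand in for the driver's connect options.
        Properties connectOptions = new Properties();
        if (args.length > 0) connectOptions.setProperty("trustStore", args[0]);
        if (args.length > 1) connectOptions.setProperty("trustStorePassword", args[1]);

        String path = resolve(connectOptions, "trustStore", "javax.net.ssl.trustStore");
        String password = resolve(connectOptions, "trustStorePassword",
                "javax.net.ssl.trustStorePassword");
        if (path == null) {
            System.err.println("No trust store set by connect option or system property.");
            System.exit(1);
        }

        // With a password, load() checks the store and throws IOException when the
        // password is wrong or the file is damaged. With null, no check is made.
        KeyStore store = KeyStore.getInstance(KeyStore.getDefaultType());
        char[] pw = (password == null) ? null : password.toCharArray();
        try (InputStream in = new FileInputStream(path)) {
            store.load(in, pw);
        }

        // List trusted CA entries so an unexpected or expired issuer is visible
        // before the driver attempts a TLS connection.
        for (String alias : Collections.list(store.aliases())) {
            if (store.isCertificateEntry(alias)
                    && store.getCertificate(alias) instanceof X509Certificate) {
                X509Certificate cert = (X509Certificate) store.getCertificate(alias);
                System.out.printf("%s | %s | expires %s%n", alias,
                        cert.getSubjectX500Principal().getName(), cert.getNotAfter());
            }
        }
    }
}
```

Running it with no arguments but with the two -D system properties set exercises the fallback path; passing a path and password as arguments exercises the override path.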

The following table provides descriptions of the methods used to enable encryption in the driver.

Table 1. Encryption methods for the JDBC Driver

| Encryption Methods | Description |
| --- | --- |
| setEncryptionMethod | Specifies the driver encryption method. The encryption method determines whether the driver encrypts and decrypts the data sent between the driver and the data server. |
| getEncryptionMethod() | Returns the driver encryption method. |
| setValidateServerCertificate | Specifies whether the driver will validate the server certificate returned by the database server. |
| getValidateServerCertificate() | Returns whether the driver will validate the server certificate returned by the database server. |
| setHostNameCertificate | Specifies the name the driver will use to compare with the certificate common name returned by the database server during TLS session establishment. |
| getHostNameCertificate | Returns the name the driver will use to compare with the certificate common name returned by the database server. |
| setTrustStore | Specifies the full path to the trust store file which contains the certificate authorities trusted by the driver. |
| getTrustStore() | Returns the path to the trust store. |
| setTrustStorePassword | Specifies the password used to gain access to the trust store. |
| getTrustStorePassword | Returns the trust store password. |