Security tab

The Security tab allows you to specify your security settings. The fields are optional unless otherwise noted. On this tab, provide values for the options in the following table; then, click Apply.

See "Using security" for a general description of authentication and encryption and their configuration requirements.

Connection Options: Security	Description
Encryption Method	The method the driver uses to encrypt data sent between the driver and the database server. If set to 0 - No Encryption, data is not encrypted. If set to 1 - SSL, data is encrypted using SSL. If the server is not configured for SSL, the connection fails. If set to 6 - RequestSSL, the login request and data are encrypted using SSL if the server is configured for SSL. If the server is not configured for SSL, an unencrypted connection is established. Default: 0 - No Encryption
Crypto Protocol Version	Specifies the cryptographic protocols to use when SSL is enabled using the Encryption Method connection option. Default: TLSv1.2, TLSv1.1, TLSv1
Validate Server Certificate	Determines whether the driver validates the certificate that is sent by the database server when SSL encryption is enabled (EncryptionMethod=1 | 6). If enabled, the driver validates the certificate that is sent by the database server. Any certificate from the server must be issued by a trusted CA in the truststore file. If the Host Name In Certificate option is specified, the driver also validates the certificate using a host name. If disabled, the driver does not validate the certificate that is sent by the database server. The driver ignores any truststore information specified by the Trust Store and Trust Store Password options. Default: Enabled
Enable FIPS	Determines whether the OpenSSL library uses cryptographic algorithms from the FIPS provider or the default provider when TLS/SSL encryption is enabled (Encryption Method=1). If disabled, the OpenSSL library uses cryptographic algorithms from the default provider. If enabled, the OpenSSL library uses cryptographic algorithms from the FIPS provider. Default: Disabled
Truststore	The directory that contains the truststore file and the truststore file name to be used when SSL is enabled (EncryptionMethod=1 | 6) and server authentication is used. Default: None
Truststore Password	The password that is used to access the truststore file when SSL is enabled (EncryptionMethod=1 | 6) and server authentication is used. Default: None
Key Store	The name of the directory containing the keystore file to be used when SSL is enabled (Encryption Method=1 | 6) and SSL client authentication is enabled on the database server. Default: None
Key Store Password	The password used to access the keystore file when SSL is enabled (Encryption Method=1 | 6) and SSL client authentication is enabled on the database server. Default: None
Key Password	The password used to access the individual keys in the keystore file when SSL is enabled (EncryptionMethod=1 | 6) and SSL client authentication is enabled on the database server. Keys stored in a keystore can be individually password-protected. To extract the key from the keystore, the driver must have the password of the key. Default: None
Host Name In Certificate	A host name for certificate validation when SSL encryption is enabled (EncryptionMethod=1 | 6) and validation is enabled (ValidateServerCertificate=1). Default: None

If you finished configuring your driver, proceed to Step 6 in "Data source configuration through a GUI." Optionally, you can further configure your driver by clicking on the following tabs. The following sections provide details on the fields specific to each configuration tab:

• General tab allows you to configure options that are required for creating a data source.
• Advanced tab allows you to configure advanced behavior.
• Failover tab allows you to specify failover data source settings.
• Pooling tab allows you to specify connection pooling settings.
• Authentication tab allows you to specify authentication settings.