Encrypting data transferred between an application and database is recommended even if both reside behind your firewall. DataDirect for ODBC drivers, with a few exceptions, support encrypting data transferred to or from a database using TLS/SSL encryption.

When using TLS/SSL encrypted connections, you should always validate the certificate received from the database server. You can enable certificate validation by setting the Validate Server Certificate (ValidateServerCertificate) option to1 (enabled), which is the default. Note that the Validate Server Certificate connection option should only be disabled (ValidateServerCertificate=0) when debugging a connection issue to a TLS/SSL enabled database.

To validate the certificate supplied by the server, you must specify the CA Certificate of the Certificate Authority that issues the TLS/SSL certificate using the Trust Store (TrustStore) connection option. However, when using self-signed certificates, configure the Trust Store option to specify the self-signed certificate.

Refer to the user's guide for your driver for more information on configuring TLS/SSL encryption.