Creating a JDBC Client Application with SSL Capability
These are the general steps to enable a custom-developed client application to integrate with the SSL authentication capabilities of TDV.
1. Create your client application and declare a connection URL, using the following syntax:
jdbc:compositesw:dbapi@<fully_qualified_hostname>:<portnumber>
?domain=<cis_domainname>&dataSource=<data_source_name>&encrypt=true
For example, for Java you might add:
String url = "jdbc:compositesw:dbapi@localhost:9401?"
+"domain=composite&dataSource=cdspt&encrypt=true"
String user = "compUser";
String pass = "compPassword";
// Load driver
Class.forName("cs.jdbc.driver.CompositeDriver")&encrypt=true
// Create connection
conn = DriverManager.getConnection(url, user, pass);
For other URL properties, see JDBC Driver Connection URL Properties in the TDV Client Interfaces Guide.
2. Declare the username and password variables for use in the connection statement.
3. Optionally, find the JDBC driver name on the Data Source tab of the JDBC Data Source Administrator.
4. Optionally, write a sample program to test the connection URL.
5. Create or modify your client program so that it includes the connection syntax. For example, you must include a statement similar to the following to establish the connection:
conn = DriverManager.getConnection(URL, userName, password);
6. To set up authentication between JDBC client applications and the TDV server, you must declare a connection URL. This URL contains the following JDBC parameters where the keystore information can be specified.
JDBC Parameter | Description |
validateRemoteCert | This property initiates a validation handshake of the TDV server-side certificate (on Windows, Linux is supported on TDV 8.3 or later). This validation includes checking that the cert is not expired, that the root certificate is installed on your machine, that the certificate is signed with the fully qualified dns name of the server, etc. In general, it applies all the validation rules of IETF RFC 8446 (Transport Layer Securitry 1.3). Note that this means you can not use self-signed certificates with validateRemoteCertificate=true (but it will work without this property). |
validateRemoteHostname | False (default): No host name validation is performed. True: The csjdbc.jar compares the value of host in JDBC URL with the subject CN (common name) value in the certificate received from the targeted TDV Server. If host name validation fails, the connection is not established. |
7. Restart the TDV Server.