cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Can the connection to a DB2 database be encrypted?

Former Member

on ‎09-04-2008 12:33 PM

0 Kudos

I'm wanting to connect to a remote DB2 database (i.e. not the database the SAP system is running on) and have the communication encrypted. Thanks to note 200164 I have deployed the DB2 CLI client and configured DBCO. I am now able to make connections to the DB2 database using exec sql statements. What I'm missing is any information on if and how the connection to the DB2 database can be encrypted. Does anyone know if this is possible?

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

malte_schuenemann
Product and Topic Expert
Product and Topic Expert
‎09-04-2008 1:04 PM
0 Kudos

Hello, I do not fully understand your question. You first stated that you have encrypted the communication. Later, You ask how to encrypt.

In any case, the communication between client and server can be encrypted by setting AUTHENTICATION in the DBM CFG on the server side to SERVER_ENCRYPTED.

Malte

Show replies
Show replies
Former Member
‎09-04-2008 1:27 PM
0 Kudos 
I'm wanting to connect to a remote DB2 database and have the communication encrypted.

Perhaps if I'd put a colon after 'wanting' it would have been more clear? If you read it as "I'm wanting to connect to a remote DB2 database and I have the communication encrypted" then it doesn't really make sense, so I fail to see the ambiguity.

Anyway, are you saying that the DB2 user can be set to require encryption on the DB2 database server, and that in this case no changes are required on the client side to accomplish encryption? This would be a suitable solution to my problem. I had been lead to believe that encryption must be specified on both the server and client side for it to work.

malte_schuenemann
Product and Topic Expert
Product and Topic Expert
‎09-04-2008 2:53 PM
0 Kudos

The authentication type is configured at the server. Optionally, you also can specify it at the client. If that is not done, the client side defaults to SERVER_ENCRYPT and in the case of failure will continue to attempt to connect using other authentication types.

How the optional configuration would have to be done at the client side in case of a thin client, I do not really know - but the default should give you what you need.

Ask a Question