Encryption of JDBC connection is managed by parameters passed to the third party JDBC client jars that are supplied by the JDBC provider. You can use the IBM® Integration Bus JDBCProviders configurable service or a vendor-specific configuration file to pass the parameters.
Encryption parameters are specific to a JDBC provider. Refer to the documentation issued by your JDBC provider for the details of the Java™ encryption parameters that you require in your runtime environment.
For information about how configurable services are used to enable JDBC connections, see Enabling JDBC connections to the databases.
The encryption parameters are set in the environmentParms property of the JDBCProviders configurable service; the property applies extra parameters to the JDBC connection URL.
This configuration method is particularly suitable when there is a limited set of parameters, or when different parameters need to be customized for multiple JDBCProviders configurable services.
mqsichangeproperties integrationNodeName -c JDBCProviders -o Oracle -n environmentParms
-v oracle.net.encryption_client=REQUIRED;oracle.net.encryption_types_client=AES256;oracle.net.crypto_checksum_client=REQUIRED;oracle.crypto_checksum_types_client=SHA256,SHA1
Alternatively, you can use a vendor-specific configuration file that contains the encryption parameters. The location of this file is specified by a JVM system property that is runtime environment of the integration server. Update the JDBCProviders configurable service to refer to the relevant part of the configuration file.
The encryption parameters can be set as stanzas in an Oracle configuration file called TNSNAMES.ORA. The location of the configuration file is made available to an integration server by using a Java system property.
mqsichangeproperties integrationNodeName -e integrationServerName -o ComIbmJVMManager
-n jvmSystemProperty -v "-Doracle.net.tns_admin=Location of TNSNAMES.ORA file"
mqsichangeproperties integrationNodeName -c JDBCProviders -o Oracle -n serverName
-v Name of Oracle Net service