SSL

Data stored in Tibero may contain sensitive information such as a personal identification number (a resident registration number) or a bank account number. This information can by potentially compromised by an unauthorized user, therefore a particular measure to authenticate the servers and clients is required to prevent any unauthorized access. To this end, tbJDBC provides Secure Sockets Layer (SSL).

The SSL function of tbJDBC has been implemented using the Java Secure Socket Extension (JSSE) package. Information between tbJDBC and the Tibero server can be protected with this function.

Configuring SSL

To use the SSL function, the Tibero server and tbJDBC must be set up. After the two are successfully set up, all information exchanged between the Tibero server and tbJDBC can be protected without any other additional processes.

Configuring Tibero Server

Tibero servers must be set up according to the following steps.

1. Check whether the authentication files exist.

$TB_HOME/client/ssl/certs/certificate.pem
$TB_HOME/client/ssl/private/private.key

1. In the $TB_SID.tip file, add the following initialization parameters.

CERTIFICATE_FILE="$TB_HOME/client/ssl/certs/certificate.pem" 
PRIVATE_KEY="$TB_HOME/client/ssl/private/private.key"

1. Restart the Tibero server.

Configuring tbJDBC

tbJDBC must be set up as follows:

Connection conn = 
    DriverManager.getConnection("jdbc:tibero:thin:@(description=(protocol=tcps)" +
                                "(address=(host=svr1)(port=8629))"+ 
                                "(DATABASE_NAME=dbsvr))", "tibero", "tmax");