Configuring SSL for JDBC Clients
Configuring SSL Authentication for JDBC clients involves involves the following tasks:
- Set required properties
- Optionally run the SSL Debug Utility
- Configure for SSL Mutual Mode (optional)
Set Required Properties
Set Properties When Location or the Keystore/Truststore Is Not the Default
If you are using a location or the keystore/truststore that is not the default, set the following system properties so that the JRE can find your keystore/truststore:
$ javax.net.ssl.keyStore
$ javax.net.ssl.trustStore
Set Properties When Keystore/Truststore Is Password Protected
If your keystore/truststore is password protected, set the following system properties so that the JRE has access to it:
$ javax.net.ssl.keyStorePassword $ javax.net.ssl.trustStorePassword
Run the SSL Debug Utility
After configuring SSL for JDBC, optionally run the following command to enable the debug utility for SSL:
$ -Djavax.net.debug=ssl
You can use several debug specifiers (options) with the debug utility. The specifiers help narrow the scope of the debugging information that is returned. For example, you could specify one of the options that prints handshake messages or session activity.
For information on the debug utility and its options, see Debugging Utilities in the Oracle document, JSSE Reference Guide.
For information on interpreting debug information, refer to the Oracle document, Debugging SSL/TLS Connections.