Secure Sockets Layer for DDM and DRDA

 

DB2 Universal Database™ for iSeries™ Distributed Relational Database Architecture™ (DRDA^®) clients do not support Secure Sockets Layer (SSL).

However, similar function is available with Internet Protocol Security Architecture (IPSec).

The DDM TCP/IP server supports the SSL data encryption protocol. You can use this protocol to interoperate with clients such as iSeries Toolbox for Java™ and iSeries Access Family OLE DB Provider that support SSL for record-level access, and with any DDM file I/O clients provided by independent software vendors that might support SSL.

To use SSL with the i5/OS^® DDM TCP/IP server, configure the client to connect to SSL port 448 on the server.

If you specify PWDRQD(*ENCRYPTED) on the Change DDM TCP/IP Attributes (CHGDDMTCPA) command on the system, you can use any valid password along with SSL. This is possible because the system recognizes that the whole data stream, including the password, is encrypted.

• Required programs
  You will need to set up and install SSL support.

• i5/OS requirements
  For a System i™ product to communicate over Secure Sockets Layer (SSL), it must be running i5/OS V5R3, or later, or OS/400^® V4R4, or later, and have the following applications installed.

 

Parent topic:

Elements of security in a TCP/IP network

 

Related concepts

Internet Protocol Security Architecture for DDM and DRDA
Secure Sockets Layer (SSL)

 

Related reference

Change DDM TCP/IP Attributes (CHGDDMTCPA) command