Product Documentation

Database Administrator's Guide

Previous Topic

Next Topic


To enable TLS (SSL), add a SUBSYSTEM COMM_PROTOCOL SSL section to ctsrvr.cfg containing your specified TLS configuration options.

Supported options

SERVER_CERTIFICATE_FILE - provide the name of the PEM-encoded certificate file that contains the FairCom DB server certificate.

SERVER_PRIVATE_KEY_FILE - indicate the name of the file containing the private key.

SERVER_ENCRYPTED_STORE_FILE - create an encrypted store file.

SSL_CONNECTIONS_ONLY - allow or deny connections that use SSL to connect to the FairCom DB Server.

SSL_CIPHERS - set the encryption ciphers that are allowed to be used for encrypting the SSL connection.

DEBUG_LOG - write messages to the specified <log file>.

VERIFY_CLIENT_CERTIFICATE - require the client to supply an X.509 certificate or not.

X509_AUTHENTICATION - enable or disable using an X.509 certificate at logon for authentication and database authorization