Usage Notes
The connection string pointer specifies the address of the connection string for the session.
Language | Variable Name |
---|---|
COBOL: | DBCAREA-CONNECT-PTR |
C: DBCAREA.H | connect_ptr |
Routine | Action Taken |
---|---|
DBCHINI: | writes |
DBCHCL: | reads (CON) |
Used by | Action Taken |
---|---|
application program | writes |
Before calling DBCHCL for the connect function, the application may build a connection string and provide its address in the Connection String Pointer. A connection string has the following format:
“attribute1=value1;attribute2=value2;…;attributeN=valueN”
The following rules govern the format of a valid connection string:
- The connection string consists of an alphanumeric string of attribute=value pairs, separated by a semicolon delimiter character.
- The connection string supports the same session character sets and encodings as the logon string.
- Attribute names are case insensitive. Attribute values are case sensitive.
- If an attribute occurs more than once in the connection string, the last instance takes precedence.
- The quote character is the double quote (“) character.
- Leading and trailing spaces in the attribute name are trimmed.
- Leading and trailing spaces of an unquoted value are trimmed. Leading and trailing spaces outside of a quoted value are trimmed.
- If the value contains spaces as part of the value, the value must be enclosed in quotes.
- Embedded double quote characters (for example, not the first or last character in the value) are allowed and do not require enclosing the value in quotes. For example:
attribute value: abc”def connection string: attribute=abc”def
- If a value contains a double quote as the first or last character in the value, the value must be enclosed in double quotes, and the embedded double quote must be escaped by doubling it. For example:
attribute value: “abcdef connection string: attribute=”””abcdef”
The connection string supports the following attributes:
Attribute | Description |
---|---|
jws_private_key . | Location of the file that contains the JWS private key obtained from your identity provider. Can be in PEM or JWK format |
jws_cert | Use if your identity provider requires an “x5t” header thumbprint. |
oidc_clientid | Commonly used to override the default client ID when using bearer authentication. |
oidc_scope | Used to override the default scope. |
jws_algorithm | Default is RS256. Valid algorithms are RS256, RS384, RS512. |
code_append_file | <filename>: appends the verification URL and code to the specified file if the file already exists or creates a new file if the specified file does not exist. -out: prints the verification URL and code to standard out (stdout) -err: prints the verification URL and code to standard error (stderr) |
sslmode | TLS security mode. Default is allow. For more information, see How to Secure Connections using TLS. Valid values: disable, allow, prefer, require, verify-ca, verify-full |
sslca | The full path to a file in PEM format containing a list of trusted SSL CA certificates. For more information, see How to Secure Connections using TLS. Valid values: An operating system file path |
sslcapath | The full path to a directory containing trusted SSL CA certificates in PEM format. For more information, see How to Secure Connections using TLS Valid values: An operating system directory path |
sslcrc | Certificate revocation check mode. Default is allow. For more information, see How to Secure Connections using TLS. Valid values: allow, require |
tdmstport | The non-TLS port number. Default is 1025. Valid values: A valid integer port number |
tdmsttlsport | The TLS port number. Default is 443. Valid values: A valid integer port number |
httpsport | Same as tdmsttlsport |
sslprotocol | The TLS protocol version. Default is “TLS1_2”. For more information on sslprotocol, see How to Secure Connections using TLS. Valid values: TLS1_2 |
http_proxy | Hostname or IP address of the proxy server to use for HTTP requests |
http_proxy_user | Proxy server username for http_proxy server |
http_proxy_password | Proxy server password for http_proxy server |
https_proxy | Hostname or IP address of the proxy server to use for HTTPS/TLS requests. In most cases, this is the same as http_proxy. |
https_proxy_user | Proxy server username for https_proxy server |
https_proxy_password | Proxy server password for https_proxy server |
all_proxy | Hostname or IP address of the proxy server to use for HTTP and HTTPS/TLS requests. Use instead of http_proxy and https_proxy if the proxy server is the same for both HTTP and HTTPS/TLS connections. |
all_proxy_user | Proxy server username for all_proxy server |
all_proxy_password | Proxy server password for all_proxy server |
proxy_bypass_hosts | Do not use proxy server for addresses that match these hostname, domain, or IP address patterns |
proxy_bypass
Connection string examples:
sslmode=require sslmode=prefer;tdmstport=10250;tdmsttlsport=4430 sslmode=verify-full;sslca=/home/user/”My Certificates”