Deterministic Behavior of Prefer/Allow SSLMode| ODBC Driver for Teradata - Deterministic Behavior of Prefer/Allow SSLMode

Deterministic Behavior of Prefer/Allow SSLMode| ODBC Driver for Teradata - Deterministic Behavior of Prefer/Allow SSLMode - ODBC Driver for Teradata

ODBC Driver for Teradata® User Guide - 17.20

Deployment

VantageCloud

VantageCore

Edition

Enterprise

IntelliFlex

Lake

VMware

Product

ODBC Driver for Teradata

Release Number

17.20

Published

June 2022

Language

English (United States)

Last Update

2023-11-18

dita:mapPath

uqj1639470627591.ditamap

dita:ditavalPath

nkw1500504256726.ditaval

dita:id

ktb1507075385726

Product Category

Teradata Tools and Utilities

ODBC driver supports the deterministic behavior from Teradata database for Prefer/Allow SSL mode. This enhances the utilization of port selection used for database connection. In the process of connecting to a Teradata database, ODBC driver receives information of which port (for example, HTTPS or TDMST) the database actively listens to. The deterministic behavior of SSLMode Prefer/Allow is dependent on the TLS setting of Teradata Gateway.

Below are the current available Teradata Gateway TLS settings:

disable

HTTPS port is disabled and TDMST port is enabled on the database side.

Under SSLMode=Allow or SSLMode=Prefer, ODBC driver consistently connects to the TDMST port or returns an error.

nolegacy

HTTPS port is enabled and TDMST port is disabled on the database side.

Under SSLMode=Allow or SSLMode=Prefer, ODBC driver consistently connects to the HTTPS port or returns an error.

require

Both TDMST and HTTPS ports are enabled on the database side.

SSLMode=Prefer, ODBC driver consistently connects to the HTTPS port or returns an error.

SSLMode=Allow, upon connecting to the database with TDMST port, the database would signal the driver that it requires a secured TLS connection. Hence, the driver falls back and consistently connects to the HTTPS port or returns an error.

enable (with TLS correctly configured)

Both TDMST and HTTPS ports are enabled on the database side.

SSLMode=Allow

ODBC driver only connects to the TDMST port or returns an error indicating that the TDMST port is enabled, but the driver fails to connect to it.

SSLMode=Prefer

ODBC driver only connects to the HTTPS port or returns an error indicating that the HTTPS port is enabled, but the driver fails to connect to it.

enable (without any TLS configured)

HTTPS port is disabled and TDMST port is enabled on the database side.

Under SSLMode=Allow or SSLMode=Prefer, ODBC driver consistently connects to the TDMST port or returns an error.

This is the factory default setting for a brand-new Teradata database.

You can run the following commands to check or change the Teradata Gateway TLS setting:

tdatcmd
gtwcontrol -h
gtwcontrol --TLS [disable|enable|require|nolegacy][,trace=yes|no|all]

A database restart is required once you change the settings.