17.20 - Deterministic Behavior of Prefer/Allow SSLMode - ODBC Driver for Teradata

ODBC Driver for Teradata® User Guide

Product
ODBC Driver for Teradata
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2022-06-21
dita:mapPath
uqj1639470627591.ditamap
dita:ditavalPath
nkw1500504256726.ditaval

ODBC driver supports the deterministic behavior from Teradata database for Pref er/Allow SSL mode. This enhances the utilization of port selection used for database connection.During the process of connecting to a Teradata database, ODBC driver receives information of which port (for example, HTTPS or TDMST) the database actively listens to. Based on this information, there are 3 possible scenarios of information received from the Teradata database:

  1. TDMST port enabled and HTTPS port disabled ODBC driver, SSLMode=Allow or SSLMode=Prefer

    ODBC driver consistently connects to the TDMST port or returns an error.

  2. HTTPS port enabled & TDMST port disabled ODBC driver, SSLMode=Allow or SSLMode=Prefer

    ODBC driver consistently connects to the HTTPS port or returns an error.

  3. Both TDMST and HTTPS ports enabled
    • ODBC driver, SSLMode=Allow

      ODBC driver connects to the TDMST port or returns an error indicating that the TDMST port is enabled, but the driver fails to connect to it.

    • ODBC driver, SSLMode=Prefer

      ODBC driver connects to the HTTPS port or returns an error indicating that the HTTPS port is enabled, but the driver fails to connect to it.

The deterministic behavior of Prefer/Allow SSL mode is dependent on the TLS setting of Teradata Gateway. Currently there are four modes, namely disable, enable, require and nolegacy, that the Teradata Gateway can be set to. You can run the following commands to check or change the setting:

  • tdatcmd
  • gtwcontrol -h
  • gtwcontrol --TLS [disable|enable|require|nolegacy][,trace=yes|no|all]
A database restart is required once you change the settings.