There are several configuration flags that can be used on the client side to tune SSL behavior for the Aster ODBC Client. Most client-side flags have a corresponding queen-side flag. When you change a flag on one side (client or server), you will typically have to make appropriate changes to the other side.
-
EnableSSL: Enables/disables the use of SSL (string value of 0 for false, or 1 for true).
- 0 = Disable SSL (default)
- 1 = Enable SSL
-
SSLEncryptReads: Determines whether the client expects data returned from database to be encrypted (string value of 0 for false, or 1 for true).
- 0 = query results are unencrypted (the default)
- 1 = query results are encrypted
- SSLAllowSelfSignedPeer: Determines whether the client allows peers with self signed certificates to communicate (string value of 0 for false, or 1 for true; default is 1).
-
SSLFileType: The certificate file type. A string value; one of:
- SSL_FILETYPE_PEM (the default)
- SSL_FILETYPE_ASN1
- SSLPrivateKeyPath: Path to the private key to be used. Optional. (A string value.)
- SSLCertificatePath: Path to the SSL certificate to be used. (A string value.)
- Set either SSLTrustedCADir or SSLTrustedCAFilename, depending on whether you have one or many CA certificates:
- SSLTrustedCADir: Path to the directory containing CA certificates in PEM format. (A string value.)
- SSLTrustedCAFilename: Filename of CA certificate in PEM format. (A string value.)