For query items that require a connection to the server, those connections can be encrypted using TLS. The SSLMODE parameter can be set in the following locations:
clispb.dat (For more information, refer to System Parameter Block (SPB) Processing.)
Add the following line to clispb.dat:
sslmode=disable | allow | prefer | require | verify-ca | verify-full
Environment variable
Set the following environment variable prior to running the client application:
Non-Windows:
$ export SSLMODE=disable | allow | prefer | require | verify-ca | verify-full
Windows:
C:\> set SSLMODE=disable | allow | prefer | require | verify-ca | verify-full
DBCHQEP Connection string
The qepConnStrP parameter in the DBCHQEP structure can be set to a string containing the sslmode attribute:
dbchqep.qepConnStrP = “sslmode=disable | allow | prefer | require | verify-ca | verify-full”
In order to tell CLI to use this field, the qepLevel must have the extended DBCHQEP structure bit turned on:
dbchqep.qepLevel = qepLevel & DBCHQEPX
DBCHQEPX is defined in dbchqep.h as 0x08.