17.10 - SSLCAPATH - Call-Level Interface Version 2

Teradata® Call-Level Interface Version 2 Reference for Workstation-Attached Systems

Product
Call-Level Interface Version 2
Release Number
17.10
Release Date
October 2021
Content Type
Programming Reference
Publication ID
B035-2418-061K
Language
English (United States)

Use SSLCAPATH parameter to specify the path to a directory containing OpenSSL compatible hashed filenames, either containing or pointing to files containing PEM encoded trusted certificates. To create compatible hashed file names, refer to the OpenSSL documentation. Creation of the hashed filenames requires the use of either the openssl x509 -hash command or the OpenSSL c_rehash utility. Some operating systems do not install either OpenSSL or the c_rehash utility by default. Hence, extra operating system configuration is required for that, and that process is outside the scope of this document. For the specific operating system platform, refer to the OpenSSL documentation.

This parameter can be set using the following methods:

  • clispb.dat
  • Environment variable
  • Connection string

clispb.dat

Add the following line to clispb.dat:

sslcapath=<path to directory>

Environment Variable

Before executing the client application, set the SSLCAPATH environment variable to the operating system specific path to the directory containing the hashed filename trusted certificates.

Non-Windows:

$ export SSLCAPATH=<path to directory>

Windows:

C:\> set SSLCAPATH=<path to directory>

Connection String

To specify the operating system specific path to the directory containing the hashed filename trusted certificates, use the following connection string parameter:

dbcarea.connect_ptr = “sslmode=verify-full;sslcapath=<path to directory>”