Join / Log in
Has anyone here had any luck getting a client connected to Informix using the IBM DRDA protocol over SSL? I opened a case on this some months ago and the DB2 and Informix sides of the fence just kept punting back and forth.
Setting up a drsocssl listener on the engine side is simple enough. But the Informix documentation for setting up DRDA connections doesn't even mention SSL, and doesn't list any parameters such as how to specify SSL and where to find the trust store.
The IBM support team sent me to a documentation page but it wasn't terribly helpful. We tried setting Security=ssl and SSLClientKeystoredb / SSLClientKeystash to point to the trust store, but those parameters seem to be DB2 database driver specific and are either ignored or rejected when connecting to Informix.
This is where the DB2 side of the fence sent me: https://www.ibm.com/support/knowledgecenter/SSEPGG_10.5.0/com.ibm.db2.luw.admin.sec.doc/doc/t0053518.html The Informix side of the fence punted completely.
Seems we got it working. This appears to be the magic combination:
<add name="mydb" connectionString"Max Pool Size=50;Security=ssl;SSLClientKeystoredb=client.kdb;SSLClientKeystash=client.sth;userid=myuser;password=mypass;database=mydb;server=myserver.mydomain.com:myport" providerName="IBM.Data.Informix" />
I'm checking with the developer to see where he had to put the client.kdb and client.sth files to eliminate the need to specify an explicit path.