-
Close Connect CDC Director if it is already open.
-
Copy the signed server certificate to the local Java trust store path.
-
Open a command console session and navigate to the Connect CDC kernel directory on the client machine, which by default is
<Precisely_Connect_Install>\ConnectCDCV60\kernel
-
Extract the MSSS2005.properties file from Omni.jar to the kernel folder using the Java jar utility. Type the following commands at the command prompt:
run 'jar xf Omni.jar omnienterprise/gdbc/MSSS2005.properties' mv omnienterprise/gdbc/MSSS2005.properties .
-
Using a text editor, open MSSS2005.properties for editing and change the value of the URL parameter to the server jdbc.sqlserver URL with TLS encryption parameters, similar to the following:
url=jdbc:sqlserver://%HOST:%PORT;SelectMethod=cursor; encrypt=true;trustServerCertificate=true; trustStore={path to java trust store};trustStorePassword={trust store password}; hostNameInCertificate={subject property of server certificate}
Parameter
Description
encrypt
Set to true to enable JDBC encrypted communication with the sqlserver.
trustServerCertificate
This property is used with the encrypt/authentication properties and only affects server TLS/SSL certificate validation if the connection uses TLS encryption. For more information, see JDBC Driver for SQL Server support matrix. - Set to true to specify that the driver does not validate the server TLS/SSL certificate. If true, the server TLS/SSL certificate is automatically trusted when the communication layer is encrypted using TLS.
- Set to false to specify that the driver does validate the server TLS/SSL certificate. If the server certificate validation fails, the driver throws an error and closes the connection.
trustStore
Path to server certificate on local to encrypt the connection, rather than the default JVM trust store.
trustStorePassword
Enter the password protecting the certificate.
hostNameInCertificate
Enter the specific host name, typically the DNS name for SQL Server host, that signed the server certificate to validate the connection. This ensures that the server connection matches the server that signed the certificate.
If SSL encryption is enabled (encrypt=true;) and this property is unspecified, the driver uses the server name that is specified in the connection URL or data source of the connection to validate the certificate.
For example,
url=jdbc:sqlserver://%HOST:%PORT; SelectMethod=cursor;encrypt=true;trustServerCertificate=false; trustStore=c:/dev/ConnectCDC/certs/preciselyTrust.jks; trustStorePassword=precisely;hostNameInCertificate=US-DD-USER.us.precisely.com
-
Save the file and exit the text editor.
-
Open Connect CDC Director. From the context menu of the server, select Test Connection to test the connection to SQL Server.