Connect DSM to dashDB Using SSL

Mark Latondre

29 July 2016

 

This paper is to provide instructions on how to connect Data Server Manager to dashDB using a SSL connection.

  1. Download the certificate authority (CA) SSL certificate by going to the dashDB console and choose Connect à Connection Information you will then see a screen similar to the one below

 

  1. Once you have downloaded the SSL certificate, move that certificate to the server running Data Server Manager. In this example, we will create a new directory on Windows and call this directory SSL. Place the SSL certificate file (DigiCertGlobalRootCA.crt) in this SSL directory.
  2. Open a Windows cmd window and move to the SSL directory.

In this example the certificate is the only file in the SSL directory that we created (you can place the file in any directory you want).

  1. Data Server Manager includes a certificate tool called ‘keytool’ as part of the DSM install. It can be found in the DSM install under ibm-datasrvrmgr/java/jre/bin

The keytool provides a means to create a TrustStore that will hold the certificate. Here is the command syntax to create a new TrustStore and import the dashDB SSL certificate:

C:\SSL>”C:\Data Server Manager\ibm-datasrvrmgr\java\jre\keytool”       -import -file DigiCertGlobalRootCA.crt -keystore mytruststore

After executing the above, you will be prompted as follows:

Enter keystore password:

Re-enter new password:

 

Input whatever password you want to use.

 

The keytool will then output a bunch of messages followed by this prompt:

 

Trust this certificate? [no]:

 

Type yes  that we do trust this certificate.

 

Trust this certificate? [no]:  yes

Certificate was added to keystore

 

We then see the message that the certificate was added to the keystore.

 

If we then issue the dir command:

 

We see a new file was created that has the name of the keystore we just created. In the above example it is called mytruststore

 

  1. Now log onto the DSM console and navigate to Set Up à Database Connections

 

 

We then would click on the plus sign ( + ) or Add to add a new database connection

 

Fill in the information for hostname, etc.

 

 

 

Select SSL Connectivity for JDBC security. This will add two new fields. The truststore location is the location where you just created the truststore above using the keytool and also you need to supply the password you gave to the Truststore.

 

The select to test the Connection

 

 

HOME | Search