Open topic with navigation
This page provides guidelines on enabling TLS in NuoDB's C++ driver.
Note: For the C++ driver to use TLS, the domain first needs to be set up for TLS. For more information, see Enabling TLS Encryption.
trustStore property must be provided in the
Connection::create method, as seen in the following example:
connection = Connection::create( dbName, "dba", // username "goalie", // password 2, // number of properties "schema", "hello", "trustStore", "<NUODB_HOME>/var/etc/nuoadmin.cert" ); }
Note: The truststore is expected to either be a file in PEM format or a directory containing multiple PEM files.
By default, the C++ driver is set up to match the DN name in the certificate against the hostname. To disable hostname verification, set the
verifyHostname connection property to
false. For more information on using
verifyHostname, see Connection Properties.
Note: OpenSSL does not support
*.tld wildcards as part of the Subject Alternative Name. The non-wildcard portion of the domain name needs to have at least two labels. If you try to use the C++ driver with hostname verification enabled, it fails with "certificate verify failed".