Enabling TLS in the JDBC Driver

This page provides guidelines for enabling TLS in NuoDB's JDBC driver.

Note: For the JDBC driver to use TLS, the domain first needs to be set up for TLS. For more information, see Enabling TLS Encryption.

It is necessary to provide the trustStore and trustStorepassword properties to the JDBC DriverManager. For example:

public static final String DATABASE_URL 
	     "jdbc:com.nuodb://localhost/";

Properties properties = new Properties();
    properties.put("user", user);
    properties.put("password", password);
    properties.put("schema", "hello");
    properties.put("trustStore", "<NUODB_HOME>/var/etc/nuoadmin-truststore.jks");
    properties.put("trustStorePassword", "changeIt");

dbConnection = DriverManager.getConnection(DATABASE_URL + dbName, properties);

By default, the JDBC driver is set up to match the DN name in the certificate against the hostname. To disable hostname verification, set the verifyHostname connection property to false. For more information, see Connection Properties.

Note: NuoDB's JDBC driver supports JKS truststores. PKCS12, PEM or other formats are not supported.