Running the client with SSL/TLS Network ClientSSLNetwork ClientTLSSSLTLS

Basic SSL encryption on the client is enabled either by the URL attribute ssl, the property ssl or the datasource attribute ssl set to basic.

Example: Connection c = getConnection("jdbc:derby://myhost:1527/db;ssl=basic");
Running a client which authenticates the server

If the client wants to authenticate the server, then the client's trust store must contain the server's certificate. See .

Client SSL with server authentication is enabled by the URL attribute ssl or the property ssl set to peerAuthentication. In addition, the system properties and need to be set.

Example: System.setProperty("","clientTrustStore.key"); System.setProperty("","qwerty"); Connection c = getConnection("jdbc:derby://myhost:1527/db;ssl=peerAuthentication");
Running the client when the server does client authentication If the server does client authentication, the client will need a key pair and a client certificate which is installed in the server's trust store, See .

The client needs to set and

Example: System.setProperty("","clientKeyStore.key"); System.setProperty("","qwerty"); Connection c = getConnection("jdbc:derby://myhost:1527/db;ssl=basic");
Running the client when both parties do peer authentication This is a combination of the two last variants.
Example: System.setProperty("","clientKeyStore.key"); System.setProperty("","qwerty"); System.setProperty("","clientTrustStore.key"); System.setProperty("","qwerty"); Connection c = getConnection("jdbc:derby://myhost:1527/db;ssl=peerAuthentication");