Basic SSL encryption on the client is enabled either by the URL attribute
ssl, the property ssl or the
datasource attribute ssl set to basic.
Example
Connection c =
getConnection("jdbc:derby://myhost:1527/db;ssl=basic");
Running a client which authenticates the server
If the client wants to authenticate the server, then the client's
trust store must contain the server's certificate. See .
Client SSL with server authentication is enabled by the URL
attribute ssl or the property ssl
set to peerAuthentication. In addition, the system
properties javax.net.ssl.trustStore and
javax.net.ssl.trustStorePassword need to be set.
Example
System.setProperty("javax.net.ssl.trustStore","clientTrustStore.key");
System.setProperty("javax.net.ssl.trustStorePassword","qwerty");
Connection c =
getConnection("jdbc:derby://myhost:1527/db;ssl=peerAuthentication");
Running the client when the server does client authentication
If the server does client authentication, the client will need a key
pair and a client certificate which is installed in the server's
trust store, See .
The client needs to set javax.net.ssl.keyStore and
javax.net.ssl.keyStorePassword.
Example
System.setProperty("javax.net.ssl.keyStore","clientKeyStore.key");
System.setProperty("javax.net.ssl.keyStorePassword","qwerty");
Connection c =
getConnection("jdbc:derby://myhost:1527/db;ssl=basic");
Running the client when both parties do peer
authentication
This is a combination of the two last variants.
Example
System.setProperty("javax.net.ssl.keyStore","clientKeyStore.key");
System.setProperty("javax.net.ssl.keyStorePassword","qwerty");
System.setProperty("javax.net.ssl.trustStore","clientTrustStore.key");
System.setProperty("javax.net.ssl.trustStorePassword","qwerty");
Connection c =
getConnection("jdbc:derby://myhost:1527/db;ssl=peerAuthentication");