Using SSL v17
EDB Postgres Advanced Server provides native support for using SSL connections to encrypt client/server communications for increased security. In OCL, it's controlled by setting the sslmode
parameter to verify-full
or verify-ca
and providing the system with a root certificate to verify against.
Steps of SSL configuration
Configure the server and client-side certificates. For detailed information about configuring SSL client and server-side certificates, refer to the PostgreSQL SSL documentation.
Enable the SSL OCL connection. In an OCL client application, you can enable SSL mode by setting the
EDB_ATTR_SSL
attribute inSession
:
Note
EDB_ATTR_SSL
is defined in the edboci.h
header file available in the installation directory.
- After setting the SSL attribute, you can use the
OCILogon
function to create a connection:
Once the server is authenticated, then the client is ready to pass sensitive data.
For more information about the supported SSL mode options, see the PostgreSQL SSL documentation.
- On this page
- Steps of SSL configuration