DB2 10.5 for Linux, UNIX, and Windows

ssl_svr_keydb - SSL key file path for incoming SSL connections at the server configuration parameter

This configuration parameter specifies the key file to be used for SSL setup at server-side.

Configuration type
Database manager
Applies to
  • Database server with local and remote clients
  • Database server with local clients
  • Partitioned database server with local and remote clients
Parameter type
Configurable
Default [range]
Null [any valid path; GSK_MS_CERTIFICATE_STORE]

This parameter specifies a fully qualified file path of the key file or on Windows only, the keyword GSK_MS_CERTIFICATE_STORE which indicates to use Microsoft Windows Certificate Store.

The SSL key file has extension .kdb by default, and stores personal certificates, personal certificate requests and signer certificates. This key file is accessed during the instance startup and the servers personal certificate is sent to the client for server authentication during SSL handshake.

By default, the value is null. During the instance start up, you must define if the DB2COMM registry variable contains SSL. Otherwise, the instance starts up without SSL protocol support.

Related reference:
GET DATABASE CONFIGURATION command
RESET DATABASE CONFIGURATION command
UPDATE DATABASE CONFIGURATION command