The DB2® Cancun Release adds NIST SP 800-131A compliance. If you are required to comply with NIST SP 800-131A, you must configure your LDAP environment.
SRVCON_PW_PLUGIN = IBMLDAPauthserver
CLNT_PW_PLUGIN = IBMLDAPauthclient
GROUP_PLUGIN = IBMLDAPgroups
LDAP_HOST = myhost
SSL_KEYFILE = /home/xxx/sqllib/cfg/IBMLDAPSecurity.kdb
SSL_PW = mypassword
ENABLE_SSL = true
FIPS_MODE = true
SECURITY_PROTOCOL = TLSV12
With valid configuration in both the LDAP client and server, communication between DB2 LDAP security plug-ins and the LDAP server are NIST SP 800-131A compliant.