DB2 Version 9.7 for Linux, UNIX, and Windows

Authentication CLI/ODBC configuration keyword

Specifies the type of authentication to be used with file DSN or DSN-less connectivity.

db2cli.ini keyword syntax:
Authentication = CERTIFICATE | SERVER | SERVER_ENCRYPT | SERVER_ENCRYPT_AES | DATA_ENCRYPT | KERBEROS | GSSPLUGIN | CERTIFICATE
Default setting:
Not specified
Usage notes:
The Authentication keyword can be set in the data source section ([data source]) of the db2cli.ini file, or in a connection string.
When you set the Authentication keyword, you must also set the following CLI/ODBC keywords in the db2cli.ini file:
  • Database
  • Protocol.

If the Protocol keyword is set to IPC (Protocol=IPC), you must also set the Instance keyword.

If the Protocol keyword is set to TCPIP (Protocol=TCPIP), you must set the following CLI/ODBC keywords in the db2cli.ini file:
  • Port
  • Hostname.

If the Authentication keyword is set to KERBEROS, you must also set the TargetPrinciple keyword. When the Authentication keyword is set to Kerberos, you can optionally specify the KRBPlugin keyword. If the KRBPlugin keyword is not specified, the default IBMkrb5 plug-in is used.

In Version 9.7 Fix Pack 6 and later, you can specify the SSL client authentication by setting the Authentication keyword to the CERTIFICATE value in the db2cli.ini for connection to DB2® for z/OS® servers with following conditions:
  • A connection to the server must be established with the CLI driver. The CERTIFICATE authentication is specific to CLI, and ODBC connections.
  • DB2 for z/OS server must be Version 10 or later. If you are connecting to DB2 for z/OS Version 10 server, APAR PM53450 must be installed.
  • Connections to DB2 for z/OS server must be a direct connection between DB2 client and supported DB2 for z/OS server. You cannot use DB2 Connect server as a gateway to establish connection to target DB2 for z/OS servers.
  • The SSLCLientLabel keyword must set.
  • A connection to supported DB2 for z/OS servers must be made with the application connection string, the IBM® data server driver configuration file or the db2cli.ini file. You cannot use the local database catalog to establish connections to DB2 for z/OS servers.
  • You cannot specify a user password.
Parent topic: CLI/ODBC configuration keywords listing by category
Related reference:
Authentication IBM data server driver configuration keyword
TargetPrincipal CLI/ODBC configuration keyword