Previous Topic: Enable One-Way Secure Communication between CA AuthMinder Components and DatabaseNext Topic: On UNIX-Based Platforms

CA Strong Authentication Administration GuideConfiguring SSLEnable One-Way Secure Communication between CA AuthMinder Components and DatabaseCA AuthMinder Server and Database

CA AuthMinder Server and Database

CA AuthMinder uses DataDirect driver to connect to the database. This section walks you through the configurations that you must perform on the system where you have installed the CA AuthMinder Server.

On Windows

Follow these steps:

  1. Log in to the system where you have installed the CA AuthMinder Server.
  2. Open the ODBC Data Source Manager.
  3. Click the System DSN tab.
  4. Select the data source that is used by CA AuthMinder to configure for SSL.
  5. Click Configure.

    The ODBC Oracle Wire Protocol Driver Setup dialog appears.

  6. In the Encryption section, select 1-SSL Auto in the Encryption Method drop down list.
  7. Set Truststore to the location where the trust store file containing a list of the valid Certificate Authorities (CAs) that are trusted by the CA AuthMinder is available.
  8. Specify the password for the trust store in the Truststore Password field.
  9. Set the Host Name in Certificate fields to the host name of the system where the database server is installed. See your database vendor documentation for this parameter.
  10. Click OK to save the configurations.

On UNIX

If you want to enable SSL between CA AuthMinder and the database on UNIX platforms, then you need to edit the odbc.ini file to configure the DataDirect driver.

Follow these steps:

  1. Navigate to the following location: 
    <install_location>/arcot/odbc32v70wf
  2. Open the odbc.ini file in a file editor.
  3. In the [<Database_name> Wire Protocol] section that corresponds to the database you are using, you must edit the parameters required for SSL connection.
    EncryptionMethod

    Specifies the method the driver uses to encrypt data sent between the driver and the database server.

    Set this parameter to 1 to encrypt the data using SSL.

    Truststore

    Specifies the location of the trust store file, which contains a list of the valid Certificate Authorities (CAs) that are trusted by the client machine for SSL server authentication.

    TrustStorePassword

    Specifies the password required to access the trust store.

    ValidateServerCertificate

    Validates the security certificate of the server as part of the SSL authentication handshake.

    Set this parameter to 1 to validate the certificate sent by the database server.

  4. Save and close the odbc.ini file.