search

smchamberlin / node-red-contrib-ibm-db2

Node-RED nodes to work with a Db2 LUW database. Works with "Db2 on Cloud" and "Db2 Warehouse on Cloud" services as well as standalone installation of Db2 LUW.
4 stars 14 forks source link

Support SSL connections into dashDB on Bluemix #16

Closed ghost closed 6 years ago

ghost commented 7 years ago

The dashDB service on Bluemix supports connections with and without SSL we would like to use NodeRED and this node to utilize the SSL connection. This will ensure credentials as well as our data is encrypted on the wire between our NodeRED server and the dashDB instance.

To enable SSL in JDBC: jdbc:db2://server.bluemix.net:50001/BLUDB:user=userid;password=password;sslConnection=true;

For ODBC: db2cli writecfg add -database BLUDB -host server.bluemix.net -port 50001 -parameter "SecurityTransportMode=SSL"

note the port is 50001 for SSL

The hard part I see for this will be including the CA cert from dashDB in to the JVM

Here is the IBM Infocenter link with a URL for the driver and cert. https://www.ibm.com/support/knowledgecenter/en/SS6NHC/com.ibm.swg.im.dashdb.doc/connecting/connect_secure_connections_ssl.html

smchamberlin commented 6 years ago

This has been addressed in the latest commit:

https://github.com/smchamberlin/node-red-nodes-cf-sqldb-dashdb/commit/35e60b9e642b3fc82e8922cdcd6e951dd921630c

As long as you are connecting to dashDB and not your own DB2, you shouldn't have to supply your own cert, so none is asked, it just uses the SSL DSN from the VCAP by default now.