| title | description | author | ms.author | ms.date | ms.service | ms.subservice | ms.topic | apilocation | apiname | apitype |
|---|---|---|---|---|---|---|---|---|---|---|
setEncrypt Method (SQLServerDataSource) |
setEncrypt Method (SQLServerDataSource) |
David-Engel |
davidengel |
01/19/2017 |
sql |
connectivity |
reference |
setEncrypt Method (SQLServerDataSource) |
setEncrypt Method (SQLServerDataSource) |
Assembly |
[!INCLUDEDriver_JDBC_Download]
Sets a Boolean value that indicates if the encrypt property is enabled.
public void setEncrypt(boolean encrypt)
encrypt
true if the Transport Layer Security (TLS), previously known as Secure Sockets Layer (SSL), encryption is enabled between the client and the [!INCLUDEssNoVersion]. Otherwise, false.
If the encrypt property is set to true, the [!INCLUDEjdbcNoVersion] ensures that [!INCLUDEssNoVersion] uses TLS encryption for all data sent between the client and server if the server has a certificate installed. The default value is false.
The JDBC driver detects the Java Virtual Machine (JVM) it is running on when trying to establish a TLS handshake.
If the encrypt property is set to true, the [!INCLUDEjdbcNoVersion] uses the JVM's default JSSE security provider to negotiate TLS encryption with [!INCLUDEssNoVersion]. The default security provider may not support all of the features required to negotiate TLS encryption successfully. For example, the default security provider may not support the size of the RSA public key used in the [!INCLUDEssNoVersion] TLS/SSL certificate. In this case, the default security provider might raise an error that will cause the JDBC driver to terminate the connection. In order to resolve this issue, do one of the following:
-
Configure the [!INCLUDEssNoVersion] with a server certificate that has a smaller RSA public key
-
Configure the JVM to use a different JSSE security provider in the "<java-home>/lib/security/java.security" security properties file
-
Use a different JVM
If the encrypt property is unspecified or set to false, the driver will not enforce the [!INCLUDEssNoVersion] to support TLS encryption. If the [!INCLUDEssNoVersion] instance is not configured to force the TLS encryption, a connection is established without any encryption. If the [!INCLUDEssNoVersion] instance is configured to force the TLS encryption, the [!INCLUDEjdbcNoVersion] will automatically enable TLS encryption when running on properly configured JVM, or else the connection is terminated and the driver will raise an error.