October 25, 2011

Getting Started with SSL

If you're a DB2 systems programmer who must configure DB2 to support secure client communication through SSL, or if you're a developer who needs to configure your application to use SSL, be sure to check out IBM's recently published Redpaper: "DB2 10 for z/OS: Configuring SSL for Secure-Client Communications."

I frequently recommend IBM Redbooks publications on this blog. I love them. I've worked in many small shops over the years, and when you're in that role, having to wear as many hats as you do, it's tough to become an expert in any one area. That's why I've always appreciated Redbooks. They've helped me with install DB2 for z/OS and configure many different DB2 components. I find the publications valuable because they explain the subject and provide sample JCL and scripts.

For this particular Redpaper (a Redpaper is a shorter technical document that's published on the Web only), you'll appreciate the overview with pictures in the first chapter. It's a good starting point for anyone who's unfamilar with SSL and TCP/IP AT-TLS. The next few chapters discuss how to configure SSL for the DB2 10 server as well as the DB2 10 requester.

Then it's time to examine what it takes to get your application to work with SSL. One technique involves using the IBM Data Server Drive for JDBC and SQLJ to enable a Java application to connect to DB2 using SSL. You don't use Java? You want to use SSL to connect your DB2 for LUW (Linux, UNIX, Windows) application to DB2 for z/OS? Read on. The next few chapters introduce the IBM Global Security Kit (GSKit) and DB2 Connect server for LUW (Linux, UNIX, Windows). The final chapter covers providing client access to DB2 using digital certificates.

By the way, SSL is a relatively new capability, having been introduced with DB2 9 for z/OS. So plenty of folks have little or no experience with it. If you've configured DB2 or your application to take advantage of SSL, please share your experience in Comments.