Using TLS

JDBC sources support connections through TLS for the databases listed below. For more information, select one of the following databases:

  • Save the Oracle Server certificates on the virtual appliance at location /home/sailpoint/certificates and restart the CCG.

  • Provide the PROTOCOL, HOST, PORT, and SERVICE_NAME parameters in Oracle database application URL in the following format:

    jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=<host_name>)(PORT=<port number>))(CONNECT_DATA=(SERVER = DEDICATED)(SERVICE_NAME = <service_name>)))

    For example:

    jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST=WIN-0PR71D80V83)(PORT=2500))(CONNECT_DATA=(SERVER = DEDICATED)(SERVICE_NAME = orcx)))

  1. On the source VA , log in with the SailPoint user.

  2. Go to /home/sailpoint/certificates.

  3. The final certificate file obtained from the server must be placed in this directory.

  4. In the hosts.yaml file make an entry of the SQL Server host in the XXX.XX.XX.XXX <SQL Server hostname> format.

    Note
    For information on creating a hosts.yaml file, refer to Configuring a Hosts.yaml File.

  5. Restart the CCG with the sudo systemctl restart ccg command.

  6. Create a source on the Identity Security Cloud with the following URL:

    jdbc:sqlserver://<SQL Server hostname>:<port on which TLS is configured>;encrypt=true;trustServerCertificate=false;hostNameInCertificate=<SQL Server hostname>

  1. Import the SSL certificates from the Sybase SAP ASE server to /home/sailpoint/certificates directory on the source VA.

  2. Restart the CCG with the following command:

    sudo systemctl restart ccg

  3. In configuration of Sybase SAP ASE source config for the URL field, use the following URL:

    jdbc:sybase:Tds:<HOST>:<PORT>/?ENABLE_SSL=true

  1. On the source VA, login with the SailPoint user.

  2. Go to /home/sailpoint/certificates.

  3. The final certificate file obtained from the server must be placed in this directory.

  4. In the hosts.yaml file make an entry of the DB2 Server host, in the xxx.xx.xx.xxx <DB2 server hostname> format.

    Note
    For information on creating a hosts.yaml file, refer to Configuring a Hosts.yaml File.

  5. Restart the CCG using the following command: sudo systemctl restart ccg

  6. Create a source on Identity Security Cloud with the following URL:

    jdbc:db2://<host>:<port on which TLS is configured>/<Database>:sslConnection=true;

  1. Import the SSL certificates from the SAP HANA Server to the /home/sailpoint/certificates directory on the source VA.

  2. In the hosts.yaml file enter the SAP HANA Server in the xxx.xx.xx.xxx <sap hana server hostname> format.

    Note
    For information on creating a hosts.yaml file, refer to Configuring a Hosts.yaml File.

  3. Restart the CCG with the sudo systemctl restart ccg command.

  4. In the configuration of the SAP HANA source for the Database URL field, use the following URL mentioned in the SSL certificate:

    jdbc:sap://:/?databaseName=&encrypt=true&hostNameInCertificate=<HostName mentioned in certificate>