Database setup details for Ranger for TLS 1.2/TCPS-enabled databases
Updating the Ranger Database JDBC Url Override and additional configuration to connect to the secure databases.
- Ensure that TLS 1.2 has already been enabled on the Ranger database.
- Ensure Use JDBC Override URL has been set toYes in the Setup Database page.
-
Select / Enter the following configuration values depending on the database type.
- MySQL
Label Configuration Value Ranger Database Type ranger_database_type MySQL Ranger Database User ranger_database_user <username> Ranger Database User Password ranger_database_password <password> Ranger Database JDBC Url Override ranger_database_jdbc_url jdbc:mysql://[***DB-HOST***]:[***DB-PORT***]/[***RANGER-DB-NAME***]?sslMode=VERIFY_CA&trustCertificateKeyStoreUrl=[***PATH_TO_TRUSTSTORE_FILE***]&trustCertificateKeyStoreType=jks&trustCertificateKeyStorePassword=[***TRUSTSTORE_PASSWORD***]&enabledTLSProtocols=TLSv1.2 - Oracle
Label Configuration Value Ranger Database Type ranger_database_type Oracle Ranger Database User ranger_database_user <username> Ranger Database User Password ranger_database_password <password> Ranger Database JDBC Url Override ranger_database_jdbc_url dbc:oracle:thin:@tcps://[***DB-HOST***]:[***DB-PORT***]:[***SERVICE_NAME***]?javax.net.ssl.trustStore=[***PATH_TO_TRUSTSTORE_FILE***]&javax.net.ssl.trustStorePassword=[***TRUSTSTORE_PASSWORD***]&oracle.net.ssl_server_dn_match=false - PostgreSQL
Label Configuration Value Ranger Database Type ranger_database_type PostgreSQL Ranger Database User ranger_database_user <username> Ranger Database User Password ranger_database_password <password> Ranger Database JDBC Url Override ranger_database_jdbc_url jdbc:postgresql://[***DB-HOST***]:[***DB-PORT***]/[***RANGER-DB***]?sslmode=verify-full&sslrootcert=[***path-to-database-server-certificate***]&enabledTLSProtocols=TLSv1.2
- MySQL
- Click Test Connection.
- Once the test connection succeeds, click Continue.