Database setup details for Ranger KMS for TLS 1.2/TCPS-enabled databases

Updating the Ranger KMS Database JDBC Url Override and additional configuration to connect to the secure databases.

Ensure that TLS 1.2 has already been enabled on the Ranger database.
Ensure Use JDBC Override URL has been set toYes in the Setup Database page.

Select / Enter the following configuration values depending on the database type.

MySQL

Label	Configuration	Value
Ranger KMS Database Type	ranger_kms_database_type	MySQL
Ranger KMS Database User	ranger_kms_database_user	<username>
Ranger KMS Database User Password	ranger_kms_database_password	<password>
Ranger KMS Database JDBC Url Override	ranger_kms_database_jdbc_url	jdbc:mysql://`[*DB-HOST]`:`[DB-PORT]`/`[RANGER-KMS-DB-NAME]`?sslMode=VERIFY_CA&trustCertificateKeyStoreUrl=`[PATH_TO_TRUSTSTORE_FILE]`&trustCertificateKeyStoreType=jks&trustCertificateKeyStorePassword=`[TRUSTSTORE_PASSWORD*]`&enabledTLSProtocols=TLSv1.2

Oracle

Label	Configuration	Value
Ranger KMS Database Type	ranger_kms_database_type	Oracle
Ranger KMS Database User	ranger_kms_database_user	<username>
Ranger KMS Database User Password	ranger_kms_database_password	<password>
Ranger KMS Database JDBC Url Override	ranger_kms_database_jdbc_url	jdbc:oracle:thin:@tcps://`[*DB-HOST]`:`[DB-PORT]`:`[SERVICE_NAME]`?javax.net.ssl.trustStore=`[PATH_TO_TRUSTSTORE_FILE]`&javax.net.ssl.trustStorePassword=`[TRUSTSTORE_PASSWORD*]`&oracle.net.ssl_server_dn_match=false

PostgreSQL

Label	Configuration	Value
Ranger KMS Database Type	ranger_kms_database_type	PostgreSQL
Ranger KMS Database User	ranger_kms_database_user	<username>
Ranger KMS Database User Password	ranger_kms_database_password	<password>
Ranger KMS Database JDBC Url Override	ranger_kms_database_jdbc_url	jdbc:postgresql://`[*DB-HOST]`:`[DB-PORT]`/`[RANGER-KMS-DB]`?sslmode=verify-full&sslrootcert=`[path-to-database-server-certificate*]`&enabledTLSProtocols=TLSv1.2

Click Test Connection.
Once the test connection succeeds, click Continue.