Learn how you can configure Streams Messaging Manager (SMM) to securely connect to
its database using TLS 1.2 when installing a new cluster.
When installing a new cluster, Streams Messaging Manager’s database connection is set
up during the Setup Database step of the Add
Cluster - Configuration wizard. Complete the following when you
reach this step in the wizard to configure TLS 1.2.
-
Select the appropriate database type from the Type
drop-down list.
-
Select yes from the Use JDBC URL
Override drop-down list.
-
Enter the database username and password you set up for SMM in the
Username and Password
fields.
The username and password you must enter are set up in a previous step of the
installation. For more information, see Configuring the Database for
Streaming Components.
-
Enter an appropriate JDBC URL in the JDBC URL
field.
The JDBC URL must contain all necessary properties needed for SMM to establish
a secure connection with its database. Use the following templates to construct
the JDBC URL.
- MySQL
-
jdbc:mysql://[***DB HOST***]:[***DB PORT***]/[***DB NAME***]?useSSL=true&trustCertificateKeyStoreUrl=file://[***TRUSTSTORE PATH***]&trustCertificateKeyStoreType=jks&trustCertificateKeyStorePassword=[***TRUSTSTORE PASSWORD***]&enabledTLSProtocols=TLSv1.2
- PostgreSQL
-
jdbc:postgresql://[***DB HOST***]:[***DB PORT***]/[***DB NAME***]?useSSL=true&trustCertificateKeyStoreUrl=file://[***TRUSTSTORE PATH***]&trustCertificateKeyStoreType=jks&trustCertificateKeyStorePassword=[***TRUSTSTORE PASSWORD***]&enabledTLSProtocols=TLSv1.2
- Oracle
-
jdbc:oracle:thin:@tcps://[***DB HOST***]:[***DB PORT***]/[***DB NAME***]?javax.net.ssl.trustStore=[***TRUSTSTORE PATH***]&javax.net.ssl.trustStorePassword=[***TRUSTSTORE PASSWORD***]&oracle.net.ssl_server_dn_match=false
-
Click Test Connection.
If the connection test fails, review your configuration, fix any errors, and
rerun the connection test.
-
Click Continue to continue with cluster
installation.
The SMM service establishes a secure connection with its database.