Patrick Do wrote:
1. Placed all of my partners trusted certs into my trusted cert and name it trusted.cert and this file into the "Trusted Root Certificate File" field.
2. Placed all of your partners trusted certs on your C:D server (Run MMC to add them) so they can be valid.
3. Place the KeyCertFile.keycert into the "Key Certificate File" field, this is the key certificate file at the bottom when I use the "Generate Key Certificate" tab. I give it an .keycert extension.
4. If you use the .Local node your authoritative source (master) then you need to set this node to use either enable tls or ssl and enable override.
5. The rest of the entries need to set to "Default to local node" so they can inherit the settings from the .Local node.
As you see, both ways requires to install some certificates into a trusted storage. You wrote in the first message that you installed trusted files.
Maxim Karvonen wrote:
We are using exactly the same configuration, except by the IP and server name, that have changed. The certificates in any way are linked to the server name or the IP?
Yes, of course. The most common way in certificate validation is validation using certificate chain.
Martin Vajsar wrote:Are you using the latest version of the driver? It is possible that older versions of the driver might not recognize the property.
kona krishnakumar wrote:Hi Josue Nelson,
Kindly clarify, why we will socket timeout parameter and how it effects at websphere and datasource level.