Show 

Home > Host and Network Connections > Prepaing Derby Hosts > Configuring SSL for Apache Derby

Configuring SSL for Apache Derby

To enable SSL support, use the ssl keyword on the command line when starting the Network Server, or specify the derby.drda.sslMode property in derby.properties.

In addition, you will need to create a server key pair, and you will need to specify the keystore and password when starting the server. For more information about key and certificate handling see http://db.apache.org/derby/docs/10.4/adminguide/cadminsslkeys.html

 

  1. Run keytool to create the key pair.  keytool is located in the JRE bin directory:

keytool -genkey -alias myDatabase -keystore serverKeyStore.key

You will be prompted for various values, such as Name, Organization, etc. One of those parameters will be the password for access to the keystore.

Name: ..

Organization: ...

....

password: myPassword

  1. Specify the keystore and password and the ssl keyword when starting the server:

java -Djavax.net.ssl.keyStore=serverKeyStore.key \

     -Djavax.net.ssl.keyStorePassword=myPassword \

     -jar %DERBY_HOME%\lib\derbyrun.jar server start -h 0.0.0.0 -p 446 -ssl basic