Securing SQL communications
When full security is enabled, SQL communications are secured using HTTPS over TLS. Therefore, SQL driver connections must be configured to use the correspondent HTTPS certificate. In this section you will learn how to download the TLS certificate for your LeanXcale instance.
TLS certificate can be downloaded in the Security tab under the Operations section in the web console, in the SQL Interface Security.
If using Windows, to install LeanXcale TLS certificate you have to open the .crt file and add the certificate to the trusted ca certificates store.
In case Linux is your operative system, you need to add the TLS certificate to your trusted ca certificates for your machine.
sudo mkdir /usr/local/share/ca-certificates/extra sudo cp LeanXcaleSSLConnect.crt /usr/local/share/ca-certificates/extra/LeanXcaleSSLConnect.crt sudo update-ca-certificates
First of all, you must add LeanXcale ca certificate to your Java Truststore when using JDBC driver.
In order to do that, in a Linux environment:
# Go to security directory in your Java installation. For example: cd /usr/lib/jvm/java-8-openjdk-amd64/jre/lib/security # Add LeanXcaleSSLConnect.crt to Java truststore sudo keytool -import -trustcacerts -keystore cacerts -storepass changeit -noprompt -alias mycert -file LeanXcaleSSLConnect.crt
In Windows, you will find the keytool executable file in the ~\bin folder of your installation home path, and the cacerts JDK keystore in ~\lib\security:
# Add LeanXcaleSSLConnect.crt to Java truststore keytool -import -alias <your alias name> -keystore <cacerts location> -trustcacerts -file <LeanXcaleSSLConnect.crt location>
Check now how to set secure mode for your connection in the Development Java Section.
To add TLS certificate to client when using SQLAlchemy in Linux, you have to add the certificate to your trusted ca certificates for your machine. To do this, follow the steps described here depending on your OS.
Check now how to set secure mode at engine creation in the Development SQLAlchemy Section.
When using the ODBC Driver, the configuration required depends on which platform you are using: Linux or Windows. ODBC driver relies in the certificates installed in the client machine, so the steps are the same as described here check the section that matches with your platform.
Check how to config secure mode in a Linux platform in the Development ODBC Section.
Check how to config secure mode in a Windows platform in the Development ODBC Section.