Configuring SSL Verification

Note:

In this documentation, "SSL" indicates both TLS (Transport Layer Security) and SSL (Secure Sockets Layer). The connector supports industry-standard versions of TLS/SSL.

When connecting to data stores, by default the Simba PayPal JDBC Connector uses SSL encryption. The connector also uses peer verification to verify the identity of the server, and host verification to make sure that the host name in the server certificate matches the host name of the server that you are connecting to.

Note:

For peer verification, if the server certificate is not issued by a certificate authority (CA), then add the server certificate to your Java KeyStore.

You can disable peer verification so that the connector does not verify the identity of the server, and disable host verification so that the connector accepts all host names.

Configuring Host and Peer Verification

To disable host or peer verification:

  1. To disable host verification so that the connector accepts all host names, set the UseHostVerification property to 0.
  2. To disable peer verification so that the connector does not verify the identity of the server, set the UsePeerVerification property to 0.

For example, host and peer verification are both disabled in the following connection URL:

jdbc:paypal://localhost;Host=api.sandbox.paypal.com;Auth_Type=OAuth 2.0;Auth_AccessToken=1b3d5f7h8j0sampletoken;UseHostVerification=0;UsePeerVerification=0;

jdbc:paypal://;Host=wd2-services1.workday.com;Auth_type=OAuth 2.0;Auth_Client_Id=a1b2c3;Auth_Client_Secret=abcfe;Tenant_Id=abcefg;Auth_BaseRedirectUri=https://localhost:6367;TrustCertsPath=C:\\Users\\john\\keystore.jks;TrustCertsPwd=123456;UseHostVerification=0;UsePeerVerification=0

Disabling SSL Encryption

If the data store that you are connecting to does not support SSL encryption, disable it so that the connector can connect to the data store.

Note:

It is recommended that you keep SSL enabled if possible. SSL encryption protects data and credentials when they are transferred over the network, and provides stronger security than authentication alone.

To disable SSL verification:

  • Set the UseEncryptedEndpoints property to 0.

For example:

jdbc:paypal://localhost;Host=api.sandbox.paypal.com;Auth_Type=OAuth 2.0;Auth_AccessToken=1b3d5f7h8j0sampletoken;UseEncryptedEndpoints=0

jdbc:paypal://;Host=wd2-services1.workday.com;Auth_type=OAuth 2.0;Auth_Client_Id=a1b2c3;Auth_Client_Secret=abcfe;Tenant_Id=abcefg;UseEncryptedEndpoints=0;

Related topics