Configuring SSL Verification
When connecting to data stores, by default the Windows version of the Simba ServiceNow ODBC Connector uses one-way SSL authentication with peer and host verification. The connector verifies the identity of the server, and the host name specified in the server certificate must match the host name of the server that you are connecting to. To successfully connect to the server, you must either provide the appropriate trusted server certificate or disable peer verification.
Specifying a Server Certificate
The Windows version of the connector enables peer verification by default. The connector uses the certificates in the Windows trust store to verify the server. To add a certificate to the trust store, use the Microsoft Management Console (MMC). For more information, see "Manage Trusted Root Certificates" on Microsoft TechNet: https://technet.microsoft.com/en-us/library/cc754841(v=ws.11).aspx.
- If the
SystemTrustStore
property is enabled (1
), the Windows trust store is used. - If the
SystemTrustStore
property is disabled (0
), the certificate is taken from the path provided in theTrustCertsPath
property.
Disabling SSL Verification
If peer verification is not required for your connection, disable peer verification so that the connector can connect to the data store. You can also disable host verification and SSL encryption, if necessary.
To disable SSL verification:
- Choose one:
- If you are using Windows 7 or earlier, click Start
, then type regedit in the Search field, and then click regedit.exe in the search results.
- Or, if you are using Windows 8 or later, on the Start screen, type regedit, and then click the regedit search result.
- If you are using Windows 7 or earlier, click Start
- To disable peer verification so that the connector does not verify the identity of the server, set the UsePeerVerification value to 0.
- To disable host verification so that the connector does not require the host name in the server's certificate to match the host name of the server, set the UseHostVerification value to 0.
- To disable SSL encryption so that the connector does not connect to the server over SSL, set the UseEncryptedEndpoints value to 0.