You can configure your connections to enable Transport
Layer Security v1.2 encryption for your connections.
Procedure
- Modify the JVM options in the client side eclipse.ini file.
- Close the development workbench if it is open.
- Find the eclipse.ini file for your installation. The eclipse.ini file is located in root of the product install
directory. For example, if you installed the product to C:\Program
Files\IBM\SDP, the file would be located at C:\Program
Files\IBM\SDP\eclipse.ini.
- Add the -DDSTORE_SSL_ALGORITHM=TLSv1.2 JVM
option to eclipse.ini. Open eclipse.ini in an editor and
add the option. This example eclipse.ini source shows the option on
the second last line:
-vm
C:\Program Files\IBM\SDP\jdk\jre\bin\javaw.exe
-startup
plugins/org.eclipse.equinox.launcher_1.3.0.v20120522-1813.jar
--launcher.library
plugins/org.eclipse.equinox.launcher.win32.win32.x86_64_1.1.200.v20120913-144807
-install
C:/Program Files/IBM/SDP
-vmargs
-Xquickstart
-Xms100m
-Xmx1024m
-Xmnx64m
-Xgcpolicy:gencon
-Xscmx96m
-Xshareclasses:name=IBMSDP_%u
-XX:MaxPermSize=512M
-Xcompressedrefs
-Dcom.ibm.ws.management.event.max_polling_interval=1000
-DDSTORE_SSL_ALGORITHM=TLSv1.2
-Xss2m
- Save the file.
- Modify the JVM options in the server side runserver.sh
script.
- Find the runserver.sh script on your server. The
runserver.sh script is located in the /opt/IBM/RDAIXLinux/<product_version>/rse/ directory
on your server. For example, for version 9.0, you will find it at /opt/IBM/RDAIXLinux/9.0/rse/runserver.sh.
- Locate the section of the script where the Java™ executable is called. The section
will look similar to this sample:
if [ $# -gt 4 ]; then
$javaExe -Xgcpolicy:gencon -Xms64m -Xmx128m -Xss2m -cp $classpath -DA_PLUGIN_PATH=$pathIN -DDSTORE_SPIRIT_ON=$SPIRIT_ON -DDSTORE_MEMLOGGING_ON=$MEMLOGGING_ON -DDSTORE_TRACING_ON=$TRACE_ON org.eclipse.dstore.core.server.Server $portIN $timeoutIN $ticketIN
elif [ $# -gt 3 ]; then
$javaExe -Xgcpolicy:gencon -Xms64m -Xmx128m -Xss2m -cp $classpath -DA_PLUGIN_PATH=$pathIN -DDSTORE_SPIRIT_ON=$SPIRIT_ON -DDSTORE_MEMLOGGING_ON=$MEMLOGGING_ON -DDSTORE_TRACING_ON=$TRACE_ON org.eclipse.dstore.core.server.Server $portIN $timeoutIN
fi
- Add the -DDSTORE_SSL_ALGORITHM=TLSv1.2 JVM
option to runserver.sh. After you add the option, runserver.sh
will look similar to this sample.
if [ $# -gt 4 ]; then
$javaExe -Xgcpolicy:gencon -Xms64m -Xmx128m -Xss2m -cp $classpath -DDSTORE_SSL_ALGORITHM=TLSv1.2 -DA_PLUGIN_PATH=$pathIN -DDSTORE_SPIRIT_ON=$SPIRIT_ON -DDSTORE_MEMLOGGING_ON=$MEMLOGGING_ON -DDSTORE_TRACING_ON=$TRACE_ON org.eclipse.dstore.core.server.Server $portIN $timeoutIN $ticketIN
elif [ $# -gt 3 ]; then
$javaExe -Xgcpolicy:gencon -Xms64m -Xmx128m -Xss2m -cp $classpath -DDSTORE_SSL_ALGORITHM=TLSv1.2 -DA_PLUGIN_PATH=$pathIN -DDSTORE_SPIRIT_ON=$SPIRIT_ON -DDSTORE_MEMLOGGING_ON=$MEMLOGGING_ON -DDSTORE_TRACING_ON=$TRACE_ON org.eclipse.dstore.core.server.Server $portIN $timeoutIN
fi
- Save the script.
- Modify the JVM options in the server side daemon.pl script.
- Find the daemon.pl script on your server. The
daemon.pl script is located in the /opt/IBM/RDAIXLinux/<product_version>/rse/ directory
on your server. For example, for version 9.0, you will find it at /opt/IBM/RDAIXLinux/9.0/rse/daemon.pl.
- Locate the section of the script where the Java executable is called. The section
will look similar to this sample:
if (defined($ARGV[1]))
{
exec("$javaExe -Xms64m -Xmx128m -Xss2m -DA_PLUGIN_PATH=\$A_PLUGIN_PATH -DDSTORE_TRACING_ON=$trace org.eclipse.dstore.core.server.ServerLauncher $port $ARGV[1]");
}
else
{
exec("$javaExe -Xms64m -Xmx128m -Xss2m -DA_PLUGIN_PATH=\$A_PLUGIN_PATH -DDSTORE_TRACING_ON=$trace org.eclipse.dstore.core.server.ServerLauncher $port");
}
- Add the -DDSTORE_SSL_ALGORITHM=TLSv1.2 JVM
option to daemon.pl. After you add the option, daemon.pl
will look similar to this sample.
if (defined($ARGV[1]))
{
exec("$javaExe -Xms64m -Xmx128m -Xss2m -DDSTORE_SSL_ALGORITHM=TLSv1.2 -DA_PLUGIN_PATH=\$A_PLUGIN_PATH -DDSTORE_TRACING_ON=$trace org.eclipse.dstore.core.server.ServerLauncher $port $ARGV[1]");
}
else
{
exec("$javaExe -Xms64m -Xmx128m -Xss2m -DDSTORE_SSL_ALGORITHM=TLSv1.2 -DA_PLUGIN_PATH=\$A_PLUGIN_PATH -DDSTORE_TRACING_ON=$trace org.eclipse.dstore.core.server.ServerLauncher $port");
}
- Save the script.
- Restart the server. For information about starting
the server manually, see Connecting to a remote AIX server.
- Restart the development workbench.