Home
AdministeringIn addition to administering the database server, you can tune performance, replicate data, and archive data.
System administrationThese topics contain concepts, procedures, and reference information for database and database server administrators to use for managing and tuning HCL Informix® database servers.
Administrator's GuideThe Informix® Administrator's Guide provides the information required to administer HCL Informix®.
High availability and scalabilityA successful production environment requires database systems that are always available, with minimal if any planned outages, and that can be scaled quickly and easily as business requirements change.
Connection management through the Connection ManagerConnection Managers can control automatic failover for high-availability clusters, monitor client connections and direct requests to appropriate database servers, act as proxy servers and handle client/server communication, and prioritize connections between application servers and the primary server of a high-availability cluster. Connection Managers support high-availability clusters, replicate sets, server sets, and grids.
Configuration examples for connection managementThe following examples show steps for setting up connection management for various connection units and various systems.
Example: Configuring for an SSL connectionThis example shows the steps to configure CM to listen for SSL connections from database clients.
Example: Using the GSKit encryption libraryThis example shows the steps to configure CM to listen for SSL connection using the GSKit encryption library.

Example: Using the GSKit encryption library

This example shows the steps to configure CM to listen for SSL connection using the GSKit encryption library.

About this task

Use the gsk8capicmd utility of your GSKit installation.

Procedure

To configure cm1 to listen for an SSL connection, create a keystore file named cm1.p12 in the CM's $INFORMIXDIR/ssl directory.
```
$ gsk8capicmd -keydb -create -db cm1.p12 -pw test -type pkcs12 -expire 3650 -stash
```
Note: Ensure that this file is owned by the user running oncmsm (usually informix) and has 600 permissions.

Obtain the certificate, either creating it or importing it from a PEM file. Note its label.

 Example command for creating a certificate in the keystore:
$ gsk8capicmd -cert -create -db cm1.p12 -pw test -dn "CN=`hostname`" -size 2048 -label cm1ListeningCert -ca true -sigalg SHA256WithRSA

Example command for importing a certificate in a PEM file into the keystore:
$ gsk8capicmd -cert -add -db cm1.p12 -pw test -file filewithcertificatetoimport.pem -label cm1ListeningCert -format ascii -trust enable

In cm1's config file set "SSL_LABEL" to the certificate's label:
```
SSL_LABEL cm1ListeningCert 
```

Rate this topic

5 stars 4 stars 3 stars 2 stars 1 star

Comment on this topic.

By clicking this box, you acknowledge that you are NOT a U.S. Federal Government employee or agency, nor are you submitting information with respect to or on behalf of one. HCL provides software and services to U.S. Federal Government customers through its partners immixGroup, Inc. Contact this team at https://hcltechsw.com/resources/us-government-contact. Do not include any personal data in this Comment box.