Replication Agent supports use of the secure sockets layer (SSL) for connections to and from Replication Agent instances.
Client applications can use SSL to encrypt connections to Replication Agent.
Each Replication Agent instance stores an asymmetric encryption key pair in an identity file located at the path indicated by ssl_identity_filename. The identity file is encrypted and is accessed with the password stored in ssl_identity_password. The Certificate Authority (CA) certificates for a Replication Agent instance are stored in a file located at the path indicated by ssl_certificates_filename.
To configure a Replication Agent instance to listen for SSL client connections on its administration port, set use_ssl to true. Clients must then use SSL to connect to the Replication Agent instance.
To connect to an Oracle data server, set the pds_use_ssl Replication Agent configuration parameter to true. To verify the distinguished name (DN) of the server certificate, set pds_ssl_sc_dn. Also specify the Oracle SSL port number using pds_port_number.
To connect to Microsoft SQL Server, set the pds_use_ssl Replication Agent configuration parameter to true. To verify the primary dataserver server certificate common name, set pds_ssl_sc_cn to the common name (CN) of the server (as specified in the distinguished name (DN) of the server certificate)
To connect to IBM DB2 UDB, set the pds_use_ssl Replication Agent configuration parameter to true.
To connect to a Replication Server, set rs_use_ssl to true. To verify the DN of the Replication Server server certificate, set rs_ssl_sc_dn.
See the Replication Agent 15.7.1 SP100 Administration Guide and the Replication Agent 15.7.1 SP100 Reference Manual.