9.5 Enable SSL communication with LDAP server

Information

The communication layer between a DB2 instance and the LDAP server should be encrypted. It is recommended that the ENABLE_SSL parameter in the IBMLDAPSecurity.ini file be set to TRUE.

Solution

Verify the parameter-
1. Connect to the DB2 host
2. Edit the IBMLDAPSecurity.ini file
3. Add or modify the file to include the following parameter-
ENABLE_SSL = TRUE
Default Value-
The default value is the omission of this parameter.

See Also

https://workbench.cisecurity.org/files/162

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-8(1)

Plugin: Windows

Control ID: 0d0941c11451ad4b9371ade118ca0f5b85a00de4a5466ed32c86b34105b4e708