Relational Database Server for ClearPath MCP Query Processor Installation and Operations Guide
Configuring Secure Communications

Enabling Secure Connections for Query Processor

Enabling secure connections for Query Processor is optional, and previous configurations to Query Processor do not need to be modified. To enable secure connections, you must add configuration settings to all of the following:

Note:

The following settings can be configured in any order. However, Unisys recommends that you configure these settings in the following order.

MCPSQL/SERVER/CONFIG File

Add the SSLTLS attribute to the server configuration file.
Add the SSLKEYCONTAINER attribute to the server configuration file.

The following is an example of the server configuration file after adding these options:

TCPIP 2012,
SSLTLS 2013 +2,
SSLKEYCONTAINER MCPSQL_SSLKEY,
DSSPROVIDER MCPSQLPROV_DSS

For more information about configuring the server configuration file, refer to Creating the Server Configuration File (MCPSQL/SERVER/CONFIG).

TCP/IP Distributed Systems Services (DSS)

Create a new endpoint for the SSL/TLS port. The value for MYNAME must match the port number of the SSLTLS attribute as defined in the server configuration file. Add the DSS entity of the SSL/TLS endpoint by entering the following system commands:
```
NA REG ADD EP MCPSQL_SSLEP
   FILENAME = MCPSQL_SSLEP,
   MYNAME = "2013",
   PUBLIC = TRUE;
```

Modify the DSS to include the new SSL/TLS endpoint by entering the following system command:

NA REG MODIFY DSS MCPSQL ENDPOINT + MCPSQL_SSLEP

Note:

All TCP/IP configurations are still required and cannot be removed from the DSS.

For more information about configuring the DSS, refer to Configuring the TCP/IP Distributed Systems Services (DSS).

MCP Security Options (DSS)

Use the ALLOWED or REQUIRED options of the SECOPT command to configure secure connections for Query Processor:
- To permit both secure and non-secure connections, enter the following system command:
```
SECOPT SECURECOMM MCPSQL ALLOWED
```
- To permit only secure connections, enter the following system command:
```
SECOPT SECURECOMM MCPSQL REQUIRED
```

For more information about Query Processor security options, refer to Configuring the TCP/IP Distributed Systems Services (DSS).

Prev	Up	Next
Configuring Secure Connections in the Windows Environment	Home	Disabling Secure Connections for Query Processor

Relational Database Server for ClearPath MCP Query Processor Installation and Operations GuideConfiguring Secure Communications

Enabling Secure Connections for Query Processor

Relational Database Server for ClearPath MCP Query Processor Installation and Operations Guide
Configuring Secure Communications