9.5 Enable SSL communication with LDAP server

Information

The communication layer between a DB2 instance and the LDAP server should be encrypted. It is recommended that the ENABLE_SSL parameter in the IBMLDAPSecurity.ini file be set to TRUE.

Solution

Verify the parameter-
1. Connect to the DB2 host
2. Edit the IBMLDAPSecurity.ini file
3. Add or modify the file to include the following parameter-
ENABLE_SSL = TRUE
Default Value-
The default value is the omission of this parameter.

See Also

https://workbench.cisecurity.org/files/162

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)(c), CSCv6|16.13, CSCv6|16.14

Plugin: Unix

Control ID: bf912839e4cfc2c8f2bc09c0a78537b2c45dc86745f4611efd47b27d92d48451