9.5 Enable SSL communication with LDAP server

Information

The communication layer between a DB2 instance and the LDAP server should be encrypted. It is recommended that the ENABLE_SSL parameter in the IBMLDAPSecurity.ini file be set to TRUE.

Solution

Verify the parameter-
1. Connect to the DB2 host
2. Edit the IBMLDAPSecurity.ini file
3. Add or modify the file to include the following parameter-
ENABLE_SSL = TRUE
Default Value-
The default value is the omission of this parameter.

See Also

https://workbench.cisecurity.org/files/162

Item Details

Category: IDENTIFICATION AND AUTHENTICATION

References: 800-53|IA-5(1)(c), CSCv6|16.13, CSCv6|16.14

Plugin: Unix

Control ID: 820ae4f24330b5eb1784f3a2aabb785d9be4306ad4f4686dc93b473c61100295