Use > Database > Deploying the PostgreSQL Server Database > PostgreSQL Server Configuration > How to Connect UCMDB Server Securely to the PostgreSQL Database with TLS Enabled

How to Connect UCMDB Server Securely to the PostgreSQL Database with TLS Enabled

This section describes how to configure UCMDB to connect securely to PostgreSQL Server.

  1. Prerequisites.

    The PostgreSQL Server to which UCMDB will connect needs to accept encrypted connections (TLS). For instructions about how to enable this, contact your DBA.

  2. Configure UCMDB's JDBC drivers.

    1. Install the UCMDB Server, without configuring the UCMDB Schema. For detailed information about how to install the Universal CMDB server, see the interactive Universal CMDB Deployment Guide.
    2. Check if the \conf\jdbc.properties file exists. If not, create it.

      Note The jdbc.properties file must be encoded in ANSI. If the file is UFT-8 encoded, the properties will be ignored.

  3. Add the following settings into the jdbc.properties file:

    Postgresql = ddpostgresql
    ddpostgresql.ssl=true
    ddpostgresql.sslcert=<path_to_the_certificate>\\client.crt
    ddpostgresql.sslkey=<path_to_the_certificate>\\client.pkcs8
    ddpostgresql.sslmode=require
    

    Note For Windows the absolute path separator is "\\".

  4. Save the file.

    Note The client.crt is the certificate that identifies and authenticate the user when it tries to connect to an encrypted PostgreSQL Server.

    The client.pkcs8 is the private key that decrypts the certificate.

    The key must be in .pkcs8 format, without encryption and without PEM encoding.

  5. Run the Configuration Wizard.

    Windows: Start > All Programs > UCMDB > Start Universal CMDB Server Configuration Wizard

    Linux: Run the <UCMDB_Server>/bin/configure.sh script

  6. Follow the wizard steps, and connect the UCMDB Server to the PostgreSQL Server Database with TLS enabled.

  7. Start the UCMDB Server.