Jump to: navigation, search

jdbc-url

Section: gim-etl
Default Value: No default value
Valid Values: Any valid JDBC URL
Changes Take Effect: For an extraction DAP, at the next run of the extraction job for the particular data domain; for the Info Mart DAP, on restart of the Genesys Info Mart Server.


Specifies all of the connection parameters for JDBC connection to the IDB or the Info Mart database. For the required syntax for this option, consult the vendor documentation for your JDBC driver.

  • Example for Microsoft SQL Server
    Microsoft SQL Server requires the following format to specify connection parameters for the Microsoft JDBC driver: jdbc:sqlserver://<dbserver>;DatabaseName=<dbname>;SelectMethod=cursor
  • Example for Oracle
    Oracle requires the following format to specify connection parameters for the Oracle thin client: jdbc:oracle:thin:@(DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = <database_host_name>)(PORT = 1521))(CONNECT_DATA = (SERVER = DEDICATED)(SID = <Oracle_SID>)))
  • Example for PostgreSQL
    PostgreSQL requires the following format to specify connection parameters for the PostgreSQL JDBC driver: jdbc:postgresql://<database_host_name>:<port>/<dbname>

Federal Information Processing Standards (FIPS)

Federal Information Processing Standards, also known as FIPS, are a set of standards created by the United States federal government for use in computer systems of non-military government agencies and their contractors. They are concerned primarily with interoperability of different systems, portability of data and software, and computer security.

For more information, see Genesys Security Deployment Guide

Transport Layer Security

Also known as TLS. An industry-standard protocol for secure communications on the Internet. It is the successor of Secure Sockets Layer (SSL) 3.0.
Genesys supports the use of the TLS protocol to secure data exchange between Genesys components.



Glossary

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Enabling Secure Connections

The following steps summarize the task flow to enable Genesys Info Mart to implement the features that Genesys provides to secure connections in the deployment. All of the security features are optional.

  1. Enable the Transport Layer Security (TLS) protocol on the connections from Genesys Info Mart Server to Configuration Server and Message Server.
    1. (For UNIX-based deployments only) Install the Genesys Security Pack on the Genesys Info Mart Server host, and set the applicable environment variable to specify the path to the Security Pack libraries. For more details, see the information about Installing Genesys Security Pack in the Genesys Security Deployment Guide.
    2. If certificates do not already exist, create and install certificates on the Genesys Info Mart Server host, as well as on the Configuration Server and Message Server hosts. Genesys Info Mart supports mutual TLS, which requires exchange of certificates from both the TLS Server and the TLS Client. For more details, see the information about installing and generating certificates and about Securing Connections Using TLS in the Genesys Security Deployment Guide.

      To enable TLS 1.2, ensure that you use versions of the applications that support the protocol (see TLS Protocol Support) and that you modify the transport protocol parameters to specify the sec-protocol option (sec-protocol=TLSv12).

    3. If necessary, modify the configurations of the Configuration Server and Message Server applications to:
      1. Add a new port for secure connections. On the Configuration Server and Message Server Application objects, select the Secured mode.
      2. Use a host certificate.
      For full details, see Securing Core Framework Connections and other pages about TLS configuration in the Genesys Security Deployment Guide.
    4. On the Genesys Info Mart Application object, add connections to Configuration Server and Message Server (as described for the Connections tab in Creating the Genesys Info Mart application). When you add the connection(s), ensure that you specify the port that you created for secure connections.

  2. Enable compliance with Federal Information Processing Standards (FIPS).
    Genesys Info Mart support for TLS complies with FIPS, but there are additional steps to enable FIPS mode. For details about setting up your Java environment to be compliant with FIPS, see the information about enabling FIPS in a Genesys Java environment in the Genesys Security Deployment Guide.
  3. Enable client-side port definition for the connection from Genesys Info Mart Server to Configuration Server.
    1. When you install Genesys Info Mart, specify the connection parameters that Genesys Info Mart will use for the initial connection to Configuration Server.
    2. In the Genesys Info Mart Application object, add or modify the connection to Configuration Server, to specify the connection parameters (port number and, optionally, IP address) that Genesys Info Mart will use to reconnect to Configuration Server after a switchover or disconnection. You configure the parameters in the Transport Parameters text box on the Advanced tab of the connection properties.

      For full details, see the information about client-side port definition in the Genesys Security Deployment Guide.


  4. Enable client-side port definition for the connection from Genesys Info Mart Server to Message Server.

    In the Genesys Info Mart Application object, add or modify the connection to Message Server, to specify the connection parameters (port number and, optionally, IP address) that Genesys Info Mart will use. You configure the parameters in the Transport Parameters text box on the Advanced tab of the connection properties.

    For full details, see the information about client-side port definition in the Genesys Security Deployment Guide.


  5. Enable use of the Secure Socket Layer (SSL) protocol on the JDBC connections between Genesys Info Mart Server and its source and target databases.

    Create the certificates and configure the RDBMS server and client as described in your RDBMS vendor documentation for Java clients, including JVM startup parameters. See also the Environment Settings information in the Framework Database Connectivity Reference Guide.

    When you configure the extraction DAP(s) and the Info Mart DAP, use the jdbc-url option to specify the URL information as required by your RDBMS to implement JDBC over SSL. See the extended description of the jdbc-url option for examples of the syntax to use.

    For more information about configuring the jdbc-url option, see Configuring a JDBC extraction DAP or Configuring a non-JDBC extraction DAP. For more information about the parameters that you must specify, see your RDBMS vendor documentation.


  6. In deployments that rely on obtaining reporting data from Kafka, enable a secure client connection from Genesys Info Mart to the Kafka instance.
    Starting with release 8.5.014.19, you can set native Kafka configuration options in the kafka-<cluster-name> configuration section to enable secure client connections. In particular, see kafka-<cluster-name> Section in the Genesys Info Mart Options Reference for security options you should consider for a Kafka cluster that uses SASL_SSL authentication or if you are using SSL connections with a self-signed certificate.

This page was last edited on March 15, 2021, at 12:58.
Comments or questions about this documentation? Contact us for support!