IT Process Automation

  • Private Community

  • 1.  CA ITPAM Installation DB config

    Posted May 23, 2018 11:16 AM

    Hi all,

     

    The client site MSSQL DB force encrypted connection from client, and CA ITPAM installer cannot create DB or test DB connection due to that. Is there a way to work around this?

     

    Best regards,

    Conan



  • 2.  Re: CA ITPAM Installation DB config

    Posted May 23, 2018 01:33 PM

    Hi Conan,

     

    See if this helps,

    Connecting with SSL Encryption | Microsoft Docs 

    In a nutshell, you'll have to use the connection string field passing extra parameters. 



  • 3.  Re: CA ITPAM Installation DB config

    Posted May 23, 2018 11:32 PM

    Hi Marcel,

     

    Thanks for the reply, but how do I edit the connection string field? The check box and field are dimmed.

    Edit: I look into the silent install option. I believed that the connection string field is only available for Oracle DB. Is there a work around for MSSQL.

    Conan



  • 4.  Re: CA ITPAM Installation DB config

    Posted May 24, 2018 01:34 PM

    Hi Conan, 

     

    I'm sorry about that, I believe that the only solution is to open a case in support.



  • 5.  Re: CA ITPAM Installation DB config

    Broadcom Employee
    Posted May 29, 2018 11:24 AM

    I am not seeing a way to do this during the installation.  You will need to pass any additional connection strings through the Process Automation oasisconfig.properties configuration files after the installation.



  • 6.  Re: CA ITPAM Installation DB config
    Best Answer

    Broadcom Employee
    Posted May 30, 2018 10:51 AM

    This is not currently supported.

    From a review of the JDBC connection string details, Microsoft has added new parameters to the MS SQL JDBC Driver:
    https://docs.microsoft.com/en-us/sql/connect/jdbc/connecting-with-ssl-encryption?view=sql-server-2017

    "...new connection string properties such as encrypt, trustServerCertificate, trustStore, trustStorePassword, and hostNameInCertificate, "


    We deploy and connect to MS SQL using a 3rd party JDBC Driver from JTDS, which does not support those new connection string parameters:
    http://jtds.sourceforge.net/faq.html


    We are updating our connection to the MS SQL database in Process Automation release 4.3 sp3, which is due out in June, to use the latest JDBC Driver directly from Microsoft.
    I am not finding any details that the installation will support the initial install using SSL, but we are supporting newer SQL features such as the AlwaysOn option, and we may have an option to allow the installer to connect to a Secure only MSSQL database.

    I am checking around internally to see if I can locate any more specifics on this.



  • 7.  Re: CA ITPAM Installation DB config

    Posted May 30, 2018 11:11 AM

    Hi Michael,

     

    Thanks for the update. Your reply has everything I needed to rely to the client.

     

    Conan



  • 8.  Re: CA ITPAM Installation DB config

    Posted May 30, 2018 11:06 AM

    What I'd do is, create a normal db without encryption and inform the client about this limitation, and how it will be fixed on a newer release. 



  • 9.  Re: CA ITPAM Installation DB config

    Posted May 30, 2018 11:31 AM

    For finance and banking client, they have strict security policy. I needed a confirmation from the product vendor on the encryption support and the reason/root cause behind the lack of support to apply for exception.