DB2: creating a CA-signed certificate

The process for creating and installing a CA-signed certificate is explained in IBM's documentation.

Once you have that certificate, you will need to install it in Gallium Data, in the Crypto section, under Keys.

You will also need to install the corresponding secret key in Gallium Data, in the same location.

Both the certificate and the secret key need to be in PEM format. Consult the OpenSSL documentation on how to convert between formats.

The certificate should be text that begins with:

-----BEGIN CERTIFICATE-----

and ends with:

-----END CERTIFICATE-----

The private key should also be text that begins with:

-----BEGIN PRIVATE KEY-----

and ends with:

-----END PRIVATE KEY-----

Once both are installed in Gallium Data, your database clients should be able to connect to Gallium Data using SSL.