Home
AdministeringIn addition to administering the database server, you can tune performance, replicate data, and archive data.
System administrationThese topics contain concepts, procedures, and reference information for database and database server administrators to use for managing and tuning HCL OneDB™ database servers.
Administrator's GuideThe HCL OneDB™ Administrator's Guide provides the information required to administer HCL OneDB™.
High availability and scalabilityA successful production environment requires database systems that are always available, with minimal if any planned outages, and that can be scaled quickly and easily as business requirements change.
Connection management through the Connection ManagerConnection Managers can control automatic failover for high-availability clusters, monitor client connections and direct requests to appropriate database servers, act as proxy servers and handle client/server communication, and prioritize connections between application servers and the primary server of a high-availability cluster. Connection Managers support high-availability clusters, replicate sets, server sets, and grids.
Configuration examples for connection managementThe following examples show steps for setting up connection management for various connection units and various systems.
Example: Configuring for an SSL connectionThe examples in this section shows the steps to configure Connection Manager to listen for SSL connections from database clients.
Example: Using the OpenSSL encryption libraryThis example shows the steps to configure CM to listen for SSL connection using the OpenSSL encryption library.

Example: Using the OpenSSL encryption library

This example shows the steps to configure CM to listen for SSL connection using the OpenSSL encryption library.

About this task

Use the openssl utility of your OpenSSL installation.

Procedure

Create a self-signed certificate and corresponding private key in a PEM file:
Create a private key
```
$ openssl genrsa -out cm1key.pem
```
Create the self-signed certificate using the private key
```
$ openssl req -new -x509 -key cm1key.pem -subj "CN=`hostname`" -days 3650 -out cm1cert.pem
```
Put the private key and the self-signed certificate into a single PEM file
```
$ cat cm1key.pem cm1cert.pem > filewithcertificatetoimport.pem
```

Create the keystore file to contain the private key and certificate that are contained in a PEM file:

$ openssl pkcs12 -export -in filewithcertificatetoimport.pem -name cm1ListeningCert -passout pass:test -out cm1.p12

Create the stash file to contain the encrypted keystore password:
```
onkstash cm1.p12 test
```
In cm1's config file set "SSL_LABEL" to the certificate's label:
```
SSL_LABEL cm1ListeningCert
```