Manualshelf

Neoview ODBC Drivers Manual (R2.5)

ManualsBrandsHP ManualsSoftwareHP Neoview Release 2.5 Software
21222324252627282930
IMPORTANT: You must have write permission for the certificate directory. If you do not, the
download fails and an error is returned.
NOTE: The most common way to identify the home directory is the HOME environment
variable. If that variable is not set on the workstation, the security framework uses the
HOMEDRIVE and HOMEPATH environment variables. If those variables are not set either, an
error is reported.
Specifying the Certificate File Location
A system security policy, under the control of your Security Manager, determines how the
certificate is deployed to workstations:
If your Neoview system is configured to permit automatic download, the ODBC driver
automatically downloads a certificate to the workstation when it first connects to a Neoview
platform. Because the same workstation can connect to multiple Neoview platforms, the
driver downloads a unique certificate for every Neoview platform to which the workstation
connects.
In Neoview configurations that do not permit automatic download, the certificate is deployed
to your workstation in accordance with your own corporate security procedures.
In either case, three ODBC connection attributes specify the location of the certificate file:
SQL_ATTR_CERTIFICATE_DIR specifies the directory where the certificate resides. If you
do not specify this attribute, the home directory applies by default.
SQL_ATTR_CERTIFICATE_FILE specifies the file where a new certificate is deployed. This
is the location to which a new certificate must be deployed if automatic download is
prohibited. By default, the filename is SYSTEM_NAME.cer, where SYSTEM_NAME consists
of the first five characters of the Neoview platform name.
SQL_ATTR_CERTIFICATE_FILE_ACTIVE specifies the filename of the certificate used for
connection. This is the location to which a certificate is automatically downloaded if automatic
download is permitted by the security policy. By default, the filename is
SYSTEM_NAMEActive.cer, where SYSTEM_NAME consists of the first five characters of
the Neoview platform name.
The maximum length of each of these attributes is 128 characters.
You can specify the certificate location in the connection string, using the CERTIFICATEDIR,
CERTIFICATEFILE, and CERTIFICATEFILE_ACTIVE attributes:
"DSN=QRK0101;UID=REGEAST\USER1;PWD=pass1234;ROLENAME=ROLE.MGR;
CERTIFICATEDIR=C:\Security\MyCertificateDir;CERTIFICATEFILE=SEC01.cer;CERTIFICATEFILE_ACTIVE=SEC01Active.cer"
You can also specify the certificate directory during installation. The Windows Installer lets you
type in a value or browse to a location on your desktop. To specify a value when installing from
an MSI file in a non-interactive mode, invoke the Windows installer with the following syntax:
msiexec /qn /i "HP ODBC 2.0.msi" CERTIFICATEDIR="directory"
If you specify the directory in multiple ways—for example, if you specify it at installation and
then specify a different value in the connection string:
1. The connection attribute has higher precedence than
2. The connection string, which has higher precedence than
3. The value specified during ODBC driver installation, or in the MXODSN or odbc.ini file
Similarly, if you specify the certificate filename in both a connection attribute and a connection
string, the connection attribute takes precedence.
Expired Certificates
When the workstation application connects with a certificate that has expired, the ODBC driver:
22 HP Neoview ODBC Driver Overview for Windows