TLS with .NET Clients
Configuring .NET Clients to Use TLS with InterSystems IRIS
InterSystems IRIS® data platform supports TLS connections from .NET clients.
To establish a .NET connection that uses TLS:
-
If you have not done so already, configure the InterSystems IRIS superserver to use TLS so it can accept TLS connections from the .NET client.
-
Create a TLS configurationOpens in a new tab for the .NET client.
-
Ensure that you have installed any relevant CA certificates for verifying the server certificate. The location for these is the current user’s certificate store (Certificates – Current User\Trusted Root Certification Authorities).
-
Establish a connection to a server, based on the format of the connection string as described in the Creating a Connection section of “Connecting to the InterSystems Database”. In addition to the name-value pairs for the server, port, and namespace, include the SSL keyword and specify its value as true. For example, a connection that uses TLS protection might have a connection string of the form:
IrisConnect.ConnectionString = "Server=localhost; Port=1972; Namespace=TESTNAMESPACE; SSL=true;" + "Password=SYS; User ID=_SYSTEM;";
The true value of the SSL keyword specifies that TLS secures the client-server connection (by authenticating the InterSystems IRIS server to the .NET client and, optionally, authenticating the client to the server). Once the secure connection is established, the InterSystems IRIS server uses the User ID and Password keywords to authenticate the identity of the user connecting through the .NET client. (Note that the connection string does not specify anything related to mutual authentication; it merely specifies a server, which in turn may request or require client authentication.)