Data Director enables the Secure Sockets Layer (SSL) protocol for all components, including the Management Server, the DB Name Server, and the DBVM. SSL secures both internal communications among components and communications from customers who access the database externally.

By default, Data Director generates an SSL key and certificate for all components. System administrators can replace the automatically generated key and certificate with a custom key and certificate. When you apply a custom key and certificate, you cannot use the key and certificate that Data Director generated.

All key certificate pairs have a period of validity. The automatically generated pair expires after five years. To ensure continued security of data and communications, system administrators must update certificates before they expire.

Data Director currently supports only RSA keys and X509-formatted certificates. Supported keystore types include JKS, JCEKS, and PCKS12.