Edge Encryption ODBC driver integration

Configure your ODBC driver to query data encrypted by Edge Encryption. The Edge Encryption proxy server encrypts ODBC driver requests to the ServiceNow instance when Edge Encryption is integrated with the ODBC driver.

Encrypted responses from the instance are decrypted through the Edge Encryption proxy server before passing to the ODBC driver in your network.

For a successful integration, the ODBC driver must trust the Edge Encryption proxy server certificate. If the Edge Encryption proxy server certificate is signed by a Certificate Authority trusted by the ODBC driver, the Edge Encryption proxy server is automatically trusted. However, if a Certificate Authority trusted by the ODBC driver has not signed the Edge Encryption proxy server certificate, you must import the self-signed certificate to the ODBC truststore.

Import a self-signed certificate to the ODBC truststore

If a Certificate Authority trusted by the ODBC driver has not signed the Edge Encryption proxy server certificate, you must import a self-signed certificate to the ODBC truststore. You can export the certificate from the Edge Encryption proxy server and import it into the ODBC truststore.

Before you begin

To determine whether a Certificate Authority trusted by the ODBC driver has signed the Edge Encryption proxy server certificate, run the following command in the keystore directory in the proxy home directory to view a list of Certificate Authorities trusted by the ODBC driver:
keytool -keystore "<ODBC directory>\ip\Java\jre\lib\security\cacerts" -list

Procedure

  1. Change to the keystore directory in the proxy home directory.
  2. Check the keystore for the self-signed certificate.
    1. To check the keystore for the certificate, you can run the following command to list all the items in the keystore.
      keytool -list -keystore keystore.jceks -storetype jceks -v
    2. Locate the key alias in the list of items.
  3. Using the key alias, export the certificate to a .cer file.
    keytool -export -alias <key alias> -keystore keystore.jceks -storetype jceks -rfc -file <file name>.cer
  4. Change to your ODBC truststore directory: ODBC\ip\Java\jre\lib\security\cacerts.
  5. Import the certificate to your ODBC truststore.
    keytool -keystore cacerts -importcert -alias $<key alias> -file <file name>.cer

Set the ODBC driver properties

Set the ODBC driver properties to route requests through the Edge Encryption proxy server.

Procedure

  1. In Windows, navigate to Start > Programs > ServiceNow ODBC Management Console.
  2. Expand the console tree root to: ServiceNow ODBC Manager\Manager\<installation location>\Services\ServiceNow_ODBC\Data Source Settings\ServiceNow\IP Parameters.
  3. Double-click the DataSourceIPProperties attribute.
  4. Change the Value to the URL of your Edge Encryption proxy server, such as https://<IP address>:<port>
    Figure 1. DataSourceIPProperties
  5. Click OK.

What to do next

The ODBC driver is now configured to route requests to the instance through the Edge Encryption proxy server.