{"id":3164,"date":"2020-04-17T01:19:41","date_gmt":"2020-04-16T16:19:41","guid":{"rendered":"https:\/\/lab4ict.com\/system\/?p=3164"},"modified":"2023-06-17T07:41:58","modified_gmt":"2023-06-16T22:41:58","slug":"db2%ef%bc%88v11-5%ef%bc%89%e3%81%a7hadr%e3%82%92ssl%e5%8c%96%e3%81%99%e3%82%8b%ef%bc%81","status":"publish","type":"post","link":"https:\/\/lab4ict.com\/system\/archives\/3164","title":{"rendered":"Db2\uff08V11.5\uff09\u3067HADR\u306b\u3088\u308b\u901a\u4fe1\u3092SSL\u5316\u3059\u308b\uff01"},"content":{"rendered":"<p>Db2\uff08V11.5\uff09\u3067HADR\u306e\u901a\u4fe1\u3092SSL\u5316\u3057\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306e\u5f37\u5316\u3092\u56f3\u308a\u307e\u3059\u3002<br \/>\n<!--more--><\/p>\n<h2>\u4f7f\u7528\u74b0\u5883<\/h2>\n<ul>\n<li>CentOS 8.1 (Server with GUI)<\/li>\n<li>Db2 V11.5<\/li>\n<\/ul>\n<h2>\u9375\u306e\u4fdd\u7ba1\u5148\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306e\u4f5c\u6210<\/h2>\n<p>SSL\u901a\u4fe1\u7528\u306e\u9375\u306e\u4fdd\u7ba1\u5148\u306e\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u3092\u30d7\u30e9\u30a4\u30de\u30ea\u3068\u30b9\u30bf\u30f3\u30d0\u30a4\u5074\u3067\u4f5c\u6210\u3057\u307e\u3059\u3002\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306f\u3001\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u30e6\u30fc\u30b6\u306e\u307f\u30a2\u30af\u30bb\u30b9\u53ef\u80fd\u306b\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; highlight: [1,2,3]; title: ; notranslate\" title=\"\">\r\n$ mkdir keystore\r\n$ chmod 700 keystore\r\n<\/pre>\n<h2>\u81ea\u5df1\u7f72\u540d\u8a3c\u660e\u66f8\u306e\u4f5c\u6210<\/h2>\n<p>\u30d7\u30e9\u30a4\u30de\u30ea\u5074\u3067\u81ea\u5df1\u7f72\u540d\u8a3c\u660e\u66f8\u306e\u4f5c\u6210\u3092\u884c\u3044\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; highlight: [1,2,3]; title: ; notranslate\" title=\"\">\r\n$ \/home\/db2inst1\/sqllib\/gskit\/bin\/gsk8capicmd_64 -keydb -create  -db &quot;\/home\/db2inst1\/keystore\/primary.kdb&quot; -pw &quot;myPrimaryPassw0rdpw0&quot; -stash\r\n$ \/home\/db2inst1\/sqllib\/gskit\/bin\/gsk8capicmd_64 -cert  -create  -db &quot;\/home\/db2inst1\/keystore\/primary.kdb&quot; -pw &quot;myPrimaryPassw0rdpw0&quot; -label &quot;myPrimarysigned&quot; -dn &quot;CN=server01,O=myOrganization, OU=myOrganizationUnit,L=myLocation,ST=ON,C=CA&quot;\r\n$ \/home\/db2inst1\/sqllib\/gskit\/bin\/gsk8capicmd_64 -cert  -extract -db &quot;\/home\/db2inst1\/keystore\/primary.kdb&quot; -pw &quot;myPrimaryPassw0rdpw0&quot; -label &quot;myPrimarysigned&quot; -target &quot;\/home\/db2inst1\/keystore\/primary.arm&quot; -format ascii -fips\r\n<\/pre>\n<p>\u30b9\u30bf\u30f3\u30d0\u30a4\u5074\u3067\u81ea\u5df1\u7f72\u540d\u8a3c\u660e\u66f8\u306e\u4f5c\u6210\u3092\u884c\u3044\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; highlight: [1,2,3]; title: ; notranslate\" title=\"\">\r\n$ \/home\/db2inst1\/sqllib\/gskit\/bin\/gsk8capicmd_64 -keydb -create  -db &quot;\/home\/db2inst1\/keystore\/standby.kdb&quot; -pw &quot;myStandbyPassw0rdpw0&quot; -stash\r\n$ \/home\/db2inst1\/sqllib\/gskit\/bin\/gsk8capicmd_64 -cert  -create  -db &quot;\/home\/db2inst1\/keystore\/standby.kdb&quot; -pw &quot;myStandbyPassw0rdpw0&quot; -label &quot;myStandbysigned&quot; -dn &quot;CN=server02,O=myOrganization, OU=myOrganizationUnit,L=myLocation,ST=ON,C=CA&quot;\r\n$ \/home\/db2inst1\/sqllib\/gskit\/bin\/gsk8capicmd_64 -cert  -extract -db &quot;\/home\/db2inst1\/keystore\/standby.kdb&quot; -pw &quot;myStandbyPassw0rdpw0&quot; -label &quot;myStandbysigned&quot; -target &quot;\/home\/db2inst1\/keystore\/standby.arm&quot; -format ascii -fips\r\n<\/pre>\n<h2>\u8a3c\u660e\u66f8\u306e\u8ee2\u9001<\/h2>\n<p>\u30d7\u30e9\u30a4\u30de\u30ea\u3067\u4f5c\u6210\u3057\u305f\u8a3c\u660e\u66f8\uff08primary.arm\uff09\u3092\u30b9\u30bf\u30f3\u30d0\u30a4\u306b\u8ee2\u9001\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; highlight: [1,2,3,4,5,6]; title: ; notranslate\" title=\"\">\r\n$ exit\r\n# scp -p server02:\/home\/db2inst1\/keystore\/standby.arm \/home\/db2inst1\/keystore\/\r\n# chown db2inst1:db2iadm1 \/home\/db2inst1\/keystore\/standby.arm\r\n# chmod 600 \/home\/db2inst1\/keystore\/standby.arm\r\n# su - db2inst1\r\n$ ls -l keystore\r\n<\/pre>\n<p>\u30b9\u30bf\u30f3\u30d0\u30a4\u3067\u4f5c\u6210\u3057\u305f\u8a3c\u660e\u66f8\uff08stanby.arm\uff09\u3092\u30d7\u30e9\u30a4\u30de\u30ea\u306b\u8ee2\u9001\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; highlight: [1,2,3,4,5,6]; title: ; notranslate\" title=\"\">\r\n$ exit\r\n# scp -p server01:\/home\/db2inst1\/keystore\/primary.arm \/home\/db2inst1\/keystore\/\r\n# chown db2inst1:db2iadm1 \/home\/db2inst1\/keystore\/primary.arm\r\n# chmod 600 \/home\/db2inst1\/keystore\/primary.arm\r\n# su - db2inst1\r\n$ ls -l keystore\r\n<\/pre>\n<h2>\u8a3c\u660e\u66f8\u306e\u767b\u9332<\/h2>\n<p>\u30d7\u30e9\u30a4\u30de\u30ea\u3067\u30b9\u30bf\u30f3\u30d0\u30a4\u306e\u8a3c\u660e\u66f8\u3092\u767b\u9332\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; highlight: [1]; title: ; notranslate\" title=\"\">\r\n$ \/home\/db2inst1\/sqllib\/gskit\/bin\/gsk8capicmd_64 -cert -add -db &quot;\/home\/db2inst1\/keystore\/primary.kdb&quot; -pw &quot;myPrimaryPassw0rdpw0&quot; -label &quot;myStandbysigned&quot; -file &quot;\/home\/db2inst1\/keystore\/standby.arm&quot; -format ascii -fips\r\n<\/pre>\n<p>\u30b9\u30bf\u30f3\u30d0\u30a4\u3067\u30d7\u30e9\u30a4\u30de\u30ea\u306e\u8a3c\u660e\u66f8\u3092\u767b\u9332\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; highlight: [1]; title: ; notranslate\" title=\"\">\r\n$ \/home\/db2inst1\/sqllib\/gskit\/bin\/gsk8capicmd_64 -cert -add -db &quot;\/home\/db2inst1\/keystore\/standby.kdb&quot; -pw &quot;myStandbyPassw0rdpw0&quot; -label &quot;myPrimarysigned&quot; -file &quot;\/home\/db2inst1\/keystore\/primary.arm&quot; -format ascii -fips\r\n<\/pre>\n<h2>Db2\u306e\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u3068DB\u306b\u9375\u306e\u60c5\u5831\u3092\u8a2d\u5b9a<\/h2>\n<p>\u30d7\u30e9\u30a4\u30de\u30ea\u306e\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u3068DB\u306b\u9375\u306e\u60c5\u5831\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; highlight: [1,2,3]; title: ; notranslate\" title=\"\">\r\n$ db2 update dbm cfg using SSL_SVR_KEYDB \/home\/db2inst1\/keystore\/primary.kdb\r\n$ db2 update dbm cfg using SSL_SVR_STASH \/home\/db2inst1\/keystore\/primary.sth\r\n$ db2 update db cfg for db01 using HADR_SSL_LABEL myPrimarysigned\r\n<\/pre>\n<p>\u30b9\u30bf\u30f3\u30d0\u30a4\u306e\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u3068DB\u306b\u9375\u306e\u60c5\u5831\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; highlight: [1,2,3]; title: ; notranslate\" title=\"\">\r\n$ db2 update dbm cfg using SSL_SVR_KEYDB \/home\/db2inst1\/keystore\/standby.kdb\r\n$ db2 update dbm cfg using SSL_SVR_STASH \/home\/db2inst1\/keystore\/standby.sth\r\n$ db2 update db cfg for db01 using HADR_SSL_LABEL &quot;myStandbysigned&quot;\r\n<\/pre>\n<h2>Db2\u306e\u518d\u8d77\u52d5\u3068HADR\u306e\u518d\u63a5\u7d9a<\/h2>\n<p>\u30d7\u30e9\u30a4\u30de\u30ea\u306eDB\u3092\u505c\u6b62\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; highlight: [1,2]; title: ; notranslate\" title=\"\">\r\n$ db2 deactivate db db01\r\n$ db2stop\r\n<\/pre>\n<p>\u30b9\u30bf\u30f3\u30d0\u30a4\u306eDB\u3092\u505c\u6b62\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; highlight: [1,2]; title: ; notranslate\" title=\"\">\r\n$ db2 deactivate db db01\r\n$ db2stop\r\n<\/pre>\n<p>\u30b9\u30bf\u30f3\u30d0\u30a4\u306eDB\u3092\u8d77\u52d5\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; highlight: [1,2,3]; title: ; notranslate\" title=\"\">\r\n$ db2start\r\n$ db2 activate db db01\r\n$ db2pd -hadr -db db01\r\n...\r\n                           HADR_STATE = REMOTE_CATCHUP_PENDING\r\n                           HADR_FLAGS = \r\n...\r\n<\/pre>\n<p>\u30d7\u30e9\u30a4\u30de\u30ea\u306eDB\u3092\u8d77\u52d5\u3057\u307e\u3059\u3002<\/p>\n<pre class=\"brush: plain; highlight: [1,2,3]; title: ; notranslate\" title=\"\">\r\n$ db2start\r\n$ db2 activate db db01\r\n$ db2pd -hadr -db db01\r\n...\r\n                           HADR_STATE = PEER\r\n                           HADR_FLAGS = SSL_PROTOCOL\r\n...\r\n<\/pre>\n<p>\u300cHADR_FLAGS\u300d\u306e\u5024\u304c\u3001\u300cSSL_PROTOCOL\u300d\u306b\u306a\u3063\u3066\u3044\u308b\u3053\u3068\u3067\u3001SSL\u901a\u4fe1\u304c\u884c\u308f\u308c\u3066\u3044\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3057\u307e\u3059\u3002<\/p>\n<h2>\u304a\u308f\u308a\u306b<\/h2>\n<p>HADR\u306e\u901a\u4fe1\u3092SSL\u5316\u3057\u3001HADR\u306b\u3088\u308b\u901a\u4fe1\u306e\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306e\u5f37\u5316\u3092\u56f3\u308a\u307e\u3057\u305f\u3002<\/p>\n<h2>\u53c2\u8003\u60c5\u5831<\/h2>\n<ul>\n<li><a href=\"https:\/\/www.ibm.com\/docs\/en\/db2\" target=\"_blank\" rel=\"noopener\">IBM Db2 documentation<\/a><\/li>\n<\/ul>\n<h2>\u95a2\u9023\u8a18\u4e8b<\/h2>\n<div class=\"sc_getpost\"><a class=\"clearfix\" href=\"https:\/\/lab4ict.com\/system\/archives\/4286\" ><div class=\"sc_getpost_thumb post-box-thumbnail__wrap\"><img decoding=\"async\" src=\"data:image\/gif;base64,R0lGODdhAQABAPAAAN3d3QAAACwAAAAAAQABAAACAkQBADs=\" width=\"150\" height=\"150\" alt=\"\u3010\u8a18\u4e8b\u4e00\u89a7\u3011Db2\u3092\u4f7f\u3044\u3053\u306a\u3059\uff01\" loading=\"lazy\" data-src=\"https:\/\/lab4ict.com\/system\/wp-content\/uploads\/2022\/12\/eyecatch_db2_02-150x150.png\" class=\"lazyload\"><\/div><div class=\"title\">\u3010\u8a18\u4e8b\u4e00\u89a7\u3011Db2\u3092\u4f7f\u3044\u3053\u306a\u3059\uff01<\/div><div class=\"substr\">Db2\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u304b\u3089\u6d3b\u7528\u306b\u95a2\u3059\u308b\u8a18\u4e8b\u306e\u4e00\u89a7\u3092\u63b2\u8f09\u3057\u307e\u3059\u3002...<\/div><\/a><\/div>\n<h2>Db2\u66f8\u7c4d\uff08Amazon\uff09<\/h2>\n<h3>\u5373\u6226\u529b\u306eDB2\u7ba1\u7406\u8853\u3000\uff5e\u4ed5\u7d44\u307f\u304b\u3089\u308f\u304b\u308b\u52b9\u7387\u7684\u7ba1\u7406\u306e\u30ce\u30a6\u30cf\u30a6<\/h3>\n<p><iframe style=\"width: 120px; height: 240px;\" sandbox=\"allow-popups allow-scripts allow-modals allow-forms allow-same-origin\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" frameborder=\"0\" src=\"\/\/rcm-fe.amazon-adsystem.com\/e\/cm?lt1=_blank&amp;bc1=000000&amp;IS2=1&amp;bg1=FFFFFF&amp;fc1=000000&amp;lc1=0000FF&amp;t=infotecr-22&amp;language=ja_JP&amp;o=9&amp;p=8&amp;l=as4&amp;m=amazon&amp;f=ifr&amp;ref=as_ss_li_til&amp;asins=B07FC6JDJF&amp;linkId=78a998dac5b175577ad0fd2f81956839\"><\/iframe><\/p>\n<h3>DB2 10 \u30a8\u30d0\u30ea\u30e5\u30a8\u30fc\u30b7\u30e7\u30f3\u30fb\u30ac\u30a4\u30c9\u30d6\u30c3\u30af<\/h3>\n<p><iframe style=\"width: 120px; height: 240px;\" sandbox=\"allow-popups allow-scripts allow-modals allow-forms allow-same-origin\" marginwidth=\"0\" marginheight=\"0\" scrolling=\"no\" frameborder=\"0\" src=\"\/\/rcm-fe.amazon-adsystem.com\/e\/cm?lt1=_blank&amp;bc1=000000&amp;IS2=1&amp;bg1=FFFFFF&amp;fc1=000000&amp;lc1=0000FF&amp;t=infotecr-22&amp;language=ja_JP&amp;o=9&amp;p=8&amp;l=as4&amp;m=amazon&amp;f=ifr&amp;ref=as_ss_li_til&amp;asins=479813189X&amp;linkId=f11cfb121245f63214f653b5812fa0cb\"><\/iframe><\/p>\n<hr \/>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Db2\uff08V11.5\uff09\u3067HADR\u306e\u901a\u4fe1\u3092SSL\u5316\u3057\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306e\u5f37\u5316\u3092\u56f3\u308a\u307e\u3059\u3002<\/p>\n","protected":false},"author":1,"featured_media":6945,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[106],"tags":[480,521],"class_list":["post-3164","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-db2","tag-db2","tag-hadr"],"_links":{"self":[{"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/posts\/3164","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/comments?post=3164"}],"version-history":[{"count":1,"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/posts\/3164\/revisions"}],"predecessor-version":[{"id":10351,"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/posts\/3164\/revisions\/10351"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/media\/6945"}],"wp:attachment":[{"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/media?parent=3164"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/categories?post=3164"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lab4ict.com\/system\/wp-json\/wp\/v2\/tags?post=3164"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}