We have a detailed howto for your first steps with SQL databases in DSS.
You might want to start with that Howto. The rest of this page is reference information for PostgreSQL.
DSS supports the full range of features on PostgreSQL:
- Reading and writing datasets
- Executing SQL recipes
- Performing visual recipes in-database
- Using live engine for charts
DSS only supports PostgreSQL 9 (all minor versions). PostgreSQL 8 is not supported.
Installing the JDBC driver¶
The PostgreSQL driver is pre-installed in DSS. You don’t need any further installation.
Secure connections (SSL / TLS) support¶
DSS can connect to a PostgreSQL server using secure connections.
Setup with certificate validation (recommended)¶
Importing the server certificate and creating the client certificate¶
You first need to obtain and convert the server certificate. Please follow the instructions laid out here:
Note: the default passwords for the truststore are
Setting Java command-line options¶
In order to connect, you need to add some specific command-line switches to the DSS Java processes.
For more information on that topic, please see Java runtime environment
You will need to add the 2
-Djavax... options detailed in the previous web page. These options
must be added for the following processes:
Your install.ini file should therefore look like:
[javaopts] backend.additional.opts=-Djavax.net.ssl.trustStore=path_to_truststore_file -Djavax.net.ssl.trustStorePassword=password jek.additional.opts=-Djavax.net.ssl.trustStore=path_to_truststore_file -Djavax.net.ssl.trustStorePassword=password fek.additional.opts=-Djavax.net.ssl.trustStore=path_to_truststore_file -Djavax.net.ssl.trustStorePassword=password
Don’t forget to restart DSS.
Setting up the PostgreSQL connection¶
In the settings of the connection, add an “Advanced property”:
Setup without certificate validation (not recommended)¶
Setting up SSL connection without certificate connection is much simpler, but by removing certificate validation, you loose the protection that SSL provides, since an internal attacker could still be able to impersonate the server
In the settings of the connection, add the following 2 “Advanced properties”: