Clients use a set of encryption connection parameters for transport-layer security.
This is the only required parameter. Clients use the trusted_certificates encryption connection parameter to specify trusted database server certificates. The trusted certificate can be a server's self-signed certificate, a public enterprise root certificate, or a certificate belonging to a commercial Certificate Authority.
For more information, see Creating digital certificates.
The certificate_company, certificate_unit, and certificate_name encryption protocol options are used to verify certificate fields, an important step for server authentication. It is strongly recommended that you verify certificate fields if you are using a third-party Certificate Authority to globally sign certificates.
For more information about verifying certificate fields, see Verifying certificate fields.