For all new installations of Ingres 12.0, the inbound and outbound encryption mode (ib_encrypt_mode and ob_encrypt_mode) is set to ON by default. This change strengthens our security out of the box. There are no configuration changes for existing Ingres installations.

Applications using shared database connections (using GCA_SAVE / GCA_RESTORE), for example OpenROAD, ABF and/or calling other applications, Report Writer or alike, must use the client side communication server rather than the default direct connection to the remote communication server. This is achieved by adding connection attribute connection_type to the vnode definition and set to comsvr.

Failing to do so, applications may fail with:

See Configure AES Encryption (Ingres Net and GCA Remote Access) in the Security Guide.