ODBC Driver for Amazon Redshift

Connection to Amazon Redshift via HTTP Tunnel in ODBC Driver

Connecting to Amazon Redshift Using HTTP Tunneling

This section discusses how to connect the ODBC driver to Amazon Redshift through an HTTP tunnel. If you need to connect to Amazon Redshift in conditions of restricted connectivity, e.g. when a database server is hidden behind a firewall, or you need to transmit private network data through a public network, you can set up an HTTP tunnel to create a direct network link between two locations. The tunnel is created by an intermediary called a proxy server.

When Amazon Redshift server is hidden behind a firewall, the client is not able to connect to the server directly on a specified port. If the firewall allows HTTP connections, you can use the ODBC driver with a properly configured web server to connect to the database server. The driver supports HTTP tunneling based on the PHP script.

A possible scenario of using HTTP tunneling: the client needs to access the database of a website from a remote machine, but access to the designated port of the database server is forbidden — only connections on the HTTP port 80 are allowed. To establish a connection in this situation, you must deploy the tunnel.php script, which is distributed with the driver, on the web server. It enables access to the database server through an HTTP tunnel. The script must be accessible through HTTP. You can verify the script accessibility using any web browser. The script file is located in the "C:\Program Files (x86)\Devart\ODBC\Redshift\http\tunnel.php" folder. The web server must support PHP 5 or later.

To set up an HTTP tunnel, specify the connection parameters on the HTTP and HTTPS Options tab under Security Settings.

Connecting to Amazon Redshift Through HTTP Tunnel

HTTP Tunneling Options

Option Description

Use Http

Enables HTTP tunneling.

Http Url

The URL of the PHP script for HTTP tunneling.

Http User Name

The username for the password-protected directory that contains the HTTP tunneling script.

Http Password

The password for the password-protected directory that contains the HTTP tunneling script.

Http Trust Server Certificate

Specifies whether to verify the server certificate during an SSL handshake. When True, the driver bypasses walking the certificate chain to verify the certificate. The default value is False.

Sample Connection String Using HTTP Tunneling

DRIVER=Devart ODBC Driver for Amazon Redshift;Data Source=myHost;Database=myDatabase;User ID=myUsername;Password=myPassword;Port=myPort;Use Http=True;Url=https://host/folder/tunnel.php;Http User Name=myHttpUsername;Http Password=myHttpPassword

Connecting Through HTTP Tunnel and Proxy Server

The HTTP tunneling server may be not be directly accessible from the client machine. In this case, you need to additionally provide connection information for the proxy server.

Connecting to Amazon Redshift Through Proxy and HTTP Tunnel

Proxy Options

Option Description

Proxy Host Name

The proxy hostname or IP address.

Proxy Port

The proxy port.

Proxy Username

The proxy username.

Proxy Password

The proxy password.

Sample Connection String Using HTTP Tunneling and Proxy Server

DRIVER=Devart ODBC Driver for Amazon Redshift;Data Source=myHost;Database=myDatabase;User ID=myUsername;Password=myPassword;Port=myPort;Use Http=True;Url=https://host/folder/tunnel.php;Http User Name=myHttpUsername;Http Password=myHttpPassword;Proxy Host Name=myProxyHost;Proxy Port=myProxyPort;Proxy User Name=myProxyUsername;Proxy Password=myProxyPassword

Additional Information

There is one more way to tunnel network traffic. The Secure Shell forwarding, or SSH, can be used for data forwarding. However, SSH is designed to encrypt traffic rather than traverse firewalls. The Connecting via SSH document describes how to set up an SSH connection in the ODBC Driver for Amazon Redshift.

Note that traffic tunneling or encryption increases the CPU and bandwidth usage. It is recommended that you use direct connection whenever possible.

© 2015-2021 Devart. All Rights Reserved. Request Support ODBC Forum Provide Feedback