Here is the underlying problem:
Once your DBA has configured the back-end relational database to only accept SSL client connections, it is impossible to create (or use) a data source within Hyperion Planning's data source administration screen. This is because, unlike the EPM System Configurator, there is no checkbox for enabling SSL, and no input boxes to specify your Java keystore and password. This means we have to click the checkbox for a custom JDBC URL, and we must figure out the syntax ourselves.
After reaching multiple dead-ends, I stumbled upon the solution. Because I had already gone through the steps of configuring SSL for the various databases, and I deployed the applications to WebLogic, the JDBC URL syntax we need to emulate has already been provided!
On any of your EPM servers where you've deployed to WebLogic, navigate to this folder:
Let's walk through a specific example. Suppose we have already created our Java keystore with a default password of "changeme", as per Oracle's documentation within epm_security.pdf, and we've saved it as:
Furthermore, let's say we're using Microsoft SQL Server as our database (2008 or 2012, but you want to be using 2012 by now), and we have empty database named "Vision" for our new Planning data source.
In this scenario, here's the custom JDBC URL we'd copy & paste into the data source creation screen. Bear in mind, the text you see below is all one line. I've added linebreaks for ease of reading:
jdbc:weblogic:sqlserver://SQLSERVERHOSTNAME:1433; databaseName=Vision; ENCRYPTIONMETHOD=SSL; TRUSTSTORE=E:\Oracle\Middleware\ssl\myIdentity.jks; TRUSTSTOREPASSWORD=changeme; VALIDATESERVERCERTIFICATE="true"; loadLibraryPath=E:\Oracle\Middleware\wlserver_10.3\server\lib
Personally, I find configuring EPM for full end-to-end SSL extremely time consuming and tedious. My preference is to put an SSL offloader in front of Oracle HTTP Server, but some IT organizations are becoming increasingly concerned about hardening their data's security as it passes through their internal network.