Revoke the Transient Credential Store Token | Teradata Query Service - 3.01 - Revoking the Transient Credential Store Token - Teradata Query Service

Teradata® Query Service Installation, Configuration, and Upgrade Guide for Customers

prodname
Teradata Query Service
vrm_release
3.01
created_date
May 2019
category
Configuration
Installation
featnum
B035-2700-059K
You can invalidate all outstanding tokens if the credential store signing key has been compromised.
  1. Run /opt/teradata/rest/bin/keystore_admin.sh list.
  2. Run /opt/teradata/rest/bin/keystore_admin.sh create.
  3. If running multiple servers behind a load balancer, copy the file /etc/opt/teradata/rest/credentials.jks to the other servers.
  4. Run /opt/teradata/rest/bin/keystore_admin.sh delete id where id is the identification of the original private key entry id.
  5. If running multiple servers behind a load balancer, copy the file /etc/opt/teradata/rest/credentials.jks to the other servers.