17.10 - Working with Certificates and Private Keys - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)

When security policy requires mutual authentication of the database, the Unity server, and the directory, you must install certificates and associated keys on each Teradata Vantage node and on the Unity server. These certificates are known as client certificates because for LDAP purposes, the database and Unity server are clients of the directory server. Client certificates must be in PEM format and conform to the requirements of the directory server being used. Coordinate with the directory administrator or the directory vendor to determine detailed certificate requirements.

Store the certificates and keys in separate files. Protect the file containing the private key very carefully. Anyone with this key can assume the identity of the database

You can store the certificates and keys in the same file, but it is not recommended.