TDGSS LdapClientTlsKey Property | Teradata Vantage - 17.10 - LdapClientTlsKey - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)

This property identifies the file that contains the private key that matches the certificate stored in the file named in the LdapClientTlsCert property. The LdapClientTlsKey value is required for mutual authentication of the directory and the database. See Using Mutual Authentication Between the Directory Server and Teradata Vantage.

Default Property Value

The default value of the LdapClientTlsKey property is "", meaning that no key file is specified.

Valid Settings

Setting Description
"" (default) No key file is specified
A valid filename The file must contain the private key that matches the certificate stored in the file named in the LdapClientTlsCert property.

Editing Guidelines

  • To set a value, you must manually add this property to the TDGSS configuration file for the LDAP mechanism. See About Editing Configuration Files.
  • Edit this property on nodes and on Unity. For more information, see Coordinating Mechanism Property Values for Unity.
  • You can edit LdapClientTlsKey in the TDGSS user configuration file to specify the file that contains the key for the certificate specified in the LdapClientTlsCert property.
    The Linux user under which Teradata Vantage runs must own and have read access to this file. Before Release 14.0, this permission was granted automatically. For new configurations on Release 14.0 or later, you must grant the permission manually.
  • If you use this property you must also configure the LdapClientTlsCert property.
  • Edits to this property for the LDAP mechanism apply to all supporting mechanisms.