TDGSS LdapClientTlsReqCert Property | Teradata Vantage - 17.10 - LdapClientTlsReqCert - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Release Date
July 2021
Content Type
Administration
Security
Publication ID
B035-1100-171K
Language
English (United States)

The LdapClientTlsReqCert property specifies what checks to perform on directory server certificates (if any), in a TLS-protected session. This property is required when Teradata Vantage authenticates the directory server.

Valid Settings

Setting Description
never (default) The database does not require the directory server to provide a certificate, even if CA Certs or CRLs are configured.
allow Vantage asks the directory server for a certificate. If it does not provide a certificate, or if it provides an invalid certificate, the connection proceeds normally.
try Vantage asks the directory server for a certificate. If the directory server:
  • Does not provide a certificate, the connection proceeds normally
  • Provides an invalid certificate, the connection terminates.
demand Vantage asks the directory server for a certificate. If it does not provide a certificate, or if it provides an invalid certificate, the connection terminates.

Editing Guidelines