Creating the CA Certificate Symlinks - Advanced SQL Engine - Teradata Database

Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Published
July 2021
Language
English (United States)
Last Update
2022-02-15
dita:mapPath
ppz1593203596223.ditamap
dita:ditavalPath
wrg1590696035526.ditaval
dita:id
B035-1100
lifecycle
previous
Product Category
Teradata Vantageā„¢

You can create symlinks to help OpenSSL locate certificates faster. If a directory server provides a certificate, OpenSSL hashes the subject and serial number of the certificate, and then opens symlinks having the same hash code until it finds the certificate. The symlinks provide an indexing criteria that eliminates the need for OpenSSL to sift through every available certificate.

The previous Example: Certificate Chain example contains two certificates. You must store each of these certificates in a file before beginning the hashing process that creates the symlinks. OpenSSL cannot use these files directly. Instead, it uses a file with a filename that is the hash code (rendered in readable hexadecimal) and an extension that is a decimal number starting with 0 to be created, in the form:

hashcode.number

This scheme allows certificates that have identical hashes to be represented as separate symlinks.