Example: Create Signed Certificates and Private Keys on All Nodes Using ZIP Archives - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2024-04-05
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantageā„¢
  1. Generate CSRs:
    # tlsutil -c -z mydb.example.com

    Your result will be similar to the following:

    CSRs have been generated for all nodes (4 generated):
       /opt/teradata/tdat/tgtw/site/tls/tmpdir/newcsrs/gtwcsr.mydb1.csr
       /opt/teradata/tdat/tgtw/site/tls/tmpdir/newcsrs/gtwcsr.mydb2.csr
       /opt/teradata/tdat/tgtw/site/tls/tmpdir/newcsrs/gtwcsr.mydb3.csr
       /opt/teradata/tdat/tgtw/site/tls/tmpdir/newcsrs/gtwcsr.mydb4.csr
    CSRs have been archived in:
       /opt/teradata/tdat/tgtw/site/tls/tmpdir/zipfiles/all_csrs.tgz
  2. Sign the certificates using your defined process.
  3. Obtain the signed certificates.
  4. Run tar to archive them and place the archive here: /opt/teradata/tdat/tgtw/site/tls/tmpdir/zipfiles/all_certs.tgz
  5. Install the signed certificates and private keys:
    # tlsutil -i -z

    Result:

    Signed certificate and private key installed on 4 node(s).
  6. Remove the temporary files created from previous steps on each node.
    # tlsutil -r
  7. [Optional] Test that the certificates are valid:
    # tlsutil -t