- Generate CSRs:
# tlsutil -c -z mydb.example.com
Your result will be similar to the following:
CSRs have been generated for all nodes (4 generated): /opt/teradata/tdat/tgtw/site/tls/tmpdir/newcsrs/gtwcsr.mydb1.csr /opt/teradata/tdat/tgtw/site/tls/tmpdir/newcsrs/gtwcsr.mydb2.csr /opt/teradata/tdat/tgtw/site/tls/tmpdir/newcsrs/gtwcsr.mydb3.csr /opt/teradata/tdat/tgtw/site/tls/tmpdir/newcsrs/gtwcsr.mydb4.csr CSRs have been archived in: /opt/teradata/tdat/tgtw/site/tls/tmpdir/zipfiles/all_csrs.tgz
- Sign the certificates using your defined process.
- Obtain the signed certificates.
- Run tar to archive them and place the archive here: /opt/teradata/tdat/tgtw/site/tls/tmpdir/zipfiles/all_certs.tgz
- Install the signed certificates and private keys:
# tlsutil -i -z
Result:
Signed certificate and private key installed on 4 node(s).
- Remove the temporary files created from previous steps on each node.
# tlsutil -r
- [Optional] Test that the certificates are valid:
# tlsutil -t