Using gtwcontrol to Enable or Disable TLS and to Set the Port - Analytics Database - Teradata Vantage

Security Administration

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Analytics Database
Teradata Vantage
Release Number
17.20
Published
June 2022
Language
English (United States)
Last Update
2023-11-02
dita:mapPath
hjo1628096075471.ditamap
dita:ditavalPath
qkf1628213546010.ditaval
dita:id
zuy1472246340572
lifecycle
latest
Product Category
Teradata Vantage™
TLS can be disabled and later re-enabled by using the gtwcontrol TLS option.
By default TLS is enabled, but Gateway cannot accept TLS connections until the TLS certificates are deployed.

After your system is configured you can use gtwcontrol to change the settings on how you want Gateway to listen on the ports; for example, to listen on both TLS and HTTPS ports or to listen on one port only.

gtwcontrol --TLS [disable|enable|require|nolegacy][,trace=yes|no|all]
  1. To disable TLS:
    gtwcontrol --TLS disable
  2. Restart the database for the change to take effect:
    tpareset -f "Disabling TLS"

Listen on both HTTPS port and Legacy port. Accepts connection on both ports.

# gtwcontrol --TLS enable,trace=no

Listen on both HTTPS port and Legacy port and only accepts connections from HTTPS port

// Listen on both HTTPS port and Legacy port and only accept 
// connections from HTTPS port.
// Return an error for connections from the Legacy port.
# gtwcontrol --TLS require,trace=yes

Listen on Legacy port only

# gtwcontrol --TLS disable,trace=yes

Listen on HTTPS port only

# gtwcontrol --TLS nolegacy,trace=all
The database has to be restarted for the changes to take effect.

For more information, see Teradata Vantage™ - Database Utilities.