Revoke the Transient Credential Store Token | Teradata Query Service - Revoking the Transient Credential Store Token - Teradata Query Service

Teradata® Query Service Installation, Configuration, and Usage Guide for Customers - 4.01.03.01, 4.01.07.00

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
Teradata Query Service
Release Number
4.01.03.01, 4.01.07.00
Published
September 2023
Language
English (United States)
Last Update
2024-02-16
dita:mapPath
qla1666844235399.ditamap
dita:ditavalPath
ft:empty
dita:id
enn1467244092237
Product Category
Analytical Ecosystem
You can invalidate all outstanding tokens if the credential store signing key has been compromised.
  1. Run /opt/teradata/rest/bin/keystore_admin.sh list.
  2. Run /opt/teradata/rest/bin/keystore_admin.sh create.
  3. If running multiple servers behind a load balancer, copy the file /etc/opt/teradata/rest/credentials.jks to the other servers.
  4. Run /opt/teradata/rest/bin/keystore_admin.sh delete id where id is the identification of the original private key entry id.
  5. If running multiple servers behind a load balancer, copy the file /etc/opt/teradata/rest/credentials.jks to the other servers.