Example: Create Signed Certificates and Private Keys on All Nodes Using ZIP Archives - Advanced SQL Engine

Example: Create Signed Certificates and Private Keys on All Nodes Using ZIP Archives - Advanced SQL Engine - Teradata Database

Security Administration

Product

Advanced SQL Engine

Teradata Database

Release Number

17.10

Published

July 2021

Language

English (United States)

Last Update

2022-02-15

dita:mapPath

ppz1593203596223.ditamap

dita:ditavalPath

wrg1590696035526.ditaval

dita:id

B035-1100

lifecycle

Product Category

Teradata Vantage™

Generate CSRs:

# tlsutil -c -z mydb.example.com

Your result will be similar to the following:

CSRs have been generated for all nodes (4 generated):
   /opt/teradata/tdat/tgtw/site/tls/tmpdir/newcsrs/gtwcsr.mydb1.csr
   /opt/teradata/tdat/tgtw/site/tls/tmpdir/newcsrs/gtwcsr.mydb2.csr
   /opt/teradata/tdat/tgtw/site/tls/tmpdir/newcsrs/gtwcsr.mydb3.csr
   /opt/teradata/tdat/tgtw/site/tls/tmpdir/newcsrs/gtwcsr.mydb4.csr
CSRs have been archived in:
   /opt/teradata/tdat/tgtw/site/tls/tmpdir/zipfiles/all_csrs.tgz

The customer signs the certificates using a customer-defined process.
Obtain the signed certificates. Run "tar" to archive them and place the archive here: /opt/teradata/tdat/tgtw/site/tls/tmpdir/zipfiles/all_certs.tgz

Install the signed certificates and private keys:

# tlsutil -i -z

Result:

Signed certificate and private key installed on 4 node(s).

Remove the temporary files created from previous steps on each node.
```
# tlsutil -r
```
Optional. Test that the certificates are valid:
```
# tlsutil -t
```