Revoke the Transient Credential Store Token | Teradata Query Service - Revoking the Transient Credential Store Token - Teradata Query Service

Teradata® Query Service Installation, Configuration, and Upgrade Guide for Customers

Product
Teradata Query Service
Release Number
4.01
Published
April 2020
Language
English (United States)
Last Update
2020-04-22
dita:mapPath
lvp1586445177708.ditamap
dita:ditavalPath
ft:empty
dita:id
B035-2700
lifecycle
previous
Product Category
Analytical Ecosystem
You can invalidate all outstanding tokens if the credential store signing key has been compromised.
  1. Run /opt/teradata/rest/bin/keystore_admin.sh list.
  2. Run /opt/teradata/rest/bin/keystore_admin.sh create.
  3. If running multiple servers behind a load balancer, copy the file /etc/opt/teradata/rest/credentials.jks to the other servers.
  4. Run /opt/teradata/rest/bin/keystore_admin.sh delete id where id is the identification of the original private key entry id.
  5. If running multiple servers behind a load balancer, copy the file /etc/opt/teradata/rest/credentials.jks to the other servers.