Revoke the Transient Credential Store Token | Teradata Query Service - Revoking the Transient Credential Store Token - Teradata Query Service

Teradata® Query Service Installation, Configuration, and Upgrade Guide for Customers

Product
Teradata Query Service
Release Number
3.01
Published
May 2019
Language
English (United States)
Last Update
2020-02-04
dita:mapPath
duo1557780353763.ditamap
dita:ditavalPath
ft:empty
dita:id
B035-2700
lifecycle
previous
Product Category
Analytical Ecosystem
You can invalidate all outstanding tokens if the credential store signing key has been compromised.
  1. Run /opt/teradata/rest/bin/keystore_admin.sh list.
  2. Run /opt/teradata/rest/bin/keystore_admin.sh create.
  3. If running multiple servers behind a load balancer, copy the file /etc/opt/teradata/rest/credentials.jks to the other servers.
  4. Run /opt/teradata/rest/bin/keystore_admin.sh delete id where id is the identification of the original private key entry id.
  5. If running multiple servers behind a load balancer, copy the file /etc/opt/teradata/rest/credentials.jks to the other servers.