Create a Hortonworks Self-Signed Certificate | Teradata Studio/Studio Express - Creating a Hortonworks Self-Signed Certificate - Teradata Studio

Teradata® Studio™ Express User Guide - 17.20

Teradata Studio
Release Number
September 2022
English (United States)
Last Update
Product Category
Teradata Tools and Utilities
If you use a Knox Gateway to connect to a Hortonworks Hadoop system, and the Knox Gateway uses a certificate that is not issued by a trusted certificate authority (for example, it uses a self-signed certificate), you must retrieve the certificate used by the Knox server and install it in your Java Runtime certificate store.
  1. Do one of the following:
    Option Action
    From the Knox server

    Run the command: keytool -export -alias gateway-identity -rfc -file knox.crt -keystore <path to gateway.jks keystore.

    For example: /usr/lib/knox/data/security/keystore/gateway.jks

    From a web browser
    Follow your browser's instructions for exporting a certificate. For example, if you use Chrome:
    1. Enter the Knox server:port in the address bar. You will see a message that the connection is not private.
    2. Click the Google customize and control icon in the upper right hand corner of the window to open the drop-down menu. Depending on your version of Google, this may appear as an orange circular icon or three vertical dots.
    3. Select More tools and then Developer tools.
    4. In the Developer tools view, select the Security tab.
    5. Click View certificate.
    6. Select the Details tab in the resulting dialog and click Copy to file....
    7. Save the certificate as Base-64 encoded.
  2. Install the certificate into your Java Runtime certificate store:
    %JDK_HOME%\bin\keytool.exe -importcert -alias "TDH240 Knox self-signed certificate" -file cert_location/<filename>.txt -keystore %JRE_HOME%\lib\security\cacerts
    • %JDK_HOME% is an environment variable with the location of a JDK
    • %JRE_HOME% is the location of the JRE used to run Studio
    The keytool.exe prompts for the password to the certificate store. The password is changeit unless you have already changed it.