17.10 - Checking the Directory Server Certificates - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Published
July 2021
Language
English (United States)
Last Update
2022-02-15
dita:mapPath
ppz1593203596223.ditamap
dita:ditavalPath
wrg1590696035526.ditaval
dita:id
zuy1472246340572

Advanced TLS options require the presence of one or more security certificates on the directory server. You can consult the directory manufacturer documentation for certificate installation procedures and requirements.

The OpenLDAP standard supports only PEM formatted certificates, and does not allow locking the PEM certificate with a pass phrase.

A certificate offered by the directory server must include the fully qualified DNS name of the directory server as a value for the CN attribute of its subject. This requirement is enforced by OpenSSL and OpenLDAP. If the directory server certificate does not conform to this requirement it is not be usable by TDGSS.