17.10 - Working with Certificates and Private Keys - Advanced SQL Engine - Teradata Database

Teradata Vantage™ - Advanced SQL Engine Security Administration

Product
Advanced SQL Engine
Teradata Database
Release Number
17.10
Published
July 2021
Language
English (United States)
Last Update
2022-02-15
dita:mapPath
ppz1593203596223.ditamap
dita:ditavalPath
wrg1590696035526.ditaval
dita:id
zuy1472246340572

When security policy requires mutual authentication of the database, the Unity server, and the directory, you must install certificates and associated keys on each Teradata Vantage node and on the Unity server. These certificates are known as client certificates because for LDAP purposes, the database and Unity server are clients of the directory server. Client certificates must be in PEM format and conform to the requirements of the directory server being used. Coordinate with the directory administrator or the directory vendor to determine detailed certificate requirements.

Store the certificates and keys in separate files. Protect the file containing the private key very carefully. Anyone with this key can assume the identity of the database

You can store the certificates and keys in the same file, but it is not recommended.