SSL Configuration in Single Mode - Teradata Ecosystem Manager

Teradata Ecosystem Manager Installation, Configuration, and Upgrade Guide for Customers

Product
Teradata Ecosystem Manager
Release Number
16.00
Published
December 2016
Language
English (United States)
Last Update
2018-03-29
dita:mapPath
zwe1470238783289.ditamap
dita:ditavalPath
3203_ICUCustomer_em_1600.ditaval.ditaval
dita:id
B035-3203
lifecycle
previous
Product Category
Analytical Ecosystem

ActiveMQ includes key and trust stores that reference a dummy self-signed cert. These cert files are located in the conf directory (/opt/teradata/tdactivemq/apache-activemq-5.13.1/conf):

  • broker.ks (broker's key)
  • broker.ts (broker's truststore)
  • client.ks (client's key)
  • client.ts (client's truststore)

The broker's trust store must include a copy of each client certificate that is allowed to connect to the broker. The client's trust store must contain the broker certificate for each broker to which any client may connect.

Before configuration, stop the empublisher on all clients with the command: /etc/init.d/empublisher stop

For all the Ecosystem Manager client systems that you are configuring with SSL, stop EM services on each client system. Run the command: /opt/teradata/client/em/bin/emstopall.sh

Follow these steps for SSL configuration on single server mode.