16.00 - SSL Configuration in Single Mode - Teradata Ecosystem Manager

Teradata Ecosystem Manager Installation, Configuration, and Upgrade Guide for Customers

prodname
Teradata Ecosystem Manager
vrm_release
16.00
created_date
December 2016
category
Configuration
Installation
featnum
B035-3203-116K

ActiveMQ includes key and trust stores that reference a dummy self-signed cert. These cert files are located in the conf directory (/opt/teradata/tdactivemq/apache-activemq-5.13.1/conf):

  • broker.ks (broker's key)
  • broker.ts (broker's truststore)
  • client.ks (client's key)
  • client.ts (client's truststore)

The broker's trust store must include a copy of each client certificate that is allowed to connect to the broker. The client's trust store must contain the broker certificate for each broker to which any client may connect.

Before configuration, stop the empublisher on all clients with the command: /etc/init.d/empublisher stop

For all the Ecosystem Manager client systems that you are configuring with SSL, stop EM services on each client system. Run the command: /opt/teradata/client/em/bin/emstopall.sh

Follow these steps for SSL configuration on single server mode.