Toggle SSL or TCP after Installation | Teradata DSA | DSE | DSU - Toggling SSL or TCP after Installation - BAR - Data Stream Architecture

Teradata® DSA User Guide

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
VMware
Product
BAR
Data Stream Architecture
Release Number
17.20
Published
November 2022
Language
English (United States)
Last Update
2023-11-30
dita:mapPath
bis1632417576364.ditamap
dita:ditavalPath
vwp1576617377804.ditaval
dita:id
cyv1467242268519
Product Category
Software
Teradata Tools and Utilities
If you have SSL set up and you want to switch to TCP, you can use these steps with the toggle script. You also must remove and re-add the DSC Server in the BAR Setup portlet.

If you want to switch from TCP to SSL, you need to follow the steps in Enabling SSL - Setting Up Self-Signed Keys and Certificates in your installation guide. See Teradata® DSA - DSU Installation, Configuration, and Upgrade Guide, Teradata® DSA - DSE for Veritas NetBackup Installation, Configuration, and Upgrade Guide, or Teradata® DSA - DSE for IBM Spectrum Protect Installation, Configuration, and Upgrade Guide.

  1. Remove the DSC Server using the BAR Setup portlet (see Removing a DSC Server).
  2. To toggle SSL for each client component (DSC, DSARest, BARCmdline, and ClientHandler), run the toggle script on each client.
    ./ssl_jms_toggle.sh is located in each client's installed directory:
    • $DSA_DSC_ROOT
    • $BARCMDLINE_ROOT
    • $CLIENTHANDLER_ROOT
    Syntax: ssl_jms_toggle.sh [ DSC | DSARest | BARCmdline | ClientHandler ] [ tcp | ssl ] [ 61616 | 61617 ]
    For example: ssl_jms_toggle.sh DSC ssl 61617
    For ClientHandler the following is true:
    • The script prompts you for the SSL keystore password. This is the client's keystore password.
      Important: If DSARest web service is https, the SSL keystore password must match the DSARest web service keystore password.

      If you want to switch from TCP to SSL, you need to follow the steps in Enabling SSL - Setting Up Self-Signed Keys and Certificates in your installation guide. See Teradata® DSA - DSU Installation, Configuration, and Upgrade Guide, Teradata® DSA - DSE for Veritas NetBackup Installation, Configuration, and Upgrade Guide, or Teradata® DSA - DSE for IBM Spectrum Protect Installation, Configuration, and Upgrade Guide.

    • If clienthandler.properties contains multiple brokers, the script asks if you want to use the same port number for all brokers.
      • y - All port numbers are changed to the number listed in the command
      • n - Port numbers are left as is. To change any broker port numbers, you must change them in broker.list in clienthandler.properties.
  3. Add the DSC server using the BAR Setup portlet (see Enabling or Adding a DSC Server), select SSL or TCP as the Broker Connectivity and Broker Port.
  4. From the BAR Setup portlet, select your DSC Server, and click Systems and Nodes under Categories.
  5. Select the system name under Systems, then System Details under Setup.
  6. To enable SSL, under SSL Communication:
    1. Check the Enable SSL over JMS Communication box.
    2. Enter the keystore password in the Truststore Password box.
    3. Click Apply, then follow on-screen instructions.
  7. To configure TCP, under SSL Communication:
    1. Clear the Enable SSL over JMS Communication box.
    2. Remove the keystore password from the Truststore Password box.
    3. Click Apply, then follow on-screen instructions.
  8. Restart the DSMain process on DSC server for the repository database cnsterm 6:
    1. Stop bardsmain:
      cnsterm 6
      start bardsmain -s
    2. Start bardsmain:
      cnsterm 6
      start bardsmain