16.10 - Working with Certificates and Private Keys - Teradata Database

Teradata Database Security Administration

prodname
Teradata Database
vrm_release
16.10
created_date
June 2017
category
Administration
Security
featnum
B035-1100-161K

When security policy requires mutual authentication of the database, the Unity server, and the directory, you must install certificates and associated keys on each Teradata Database node and on the Unity server. These certificates are known as client certificates because for LDAP purposes, the database and Unity server are clients of the directory server. Client certificates must be in PEM format and conform to the requirements of the directory server being used. Coordinate with the directory administrator or the directory vendor to determine detailed certificate requirements.

Store the certificates and keys in separate files. Protect the file containing the private key very carefully. Anyone with this key can assume the identity of the database

You can store the certificates and keys in the same file, but it is not recommended.