During connection of the Unity proxy to a Teradata Database system, Unity and the Teradata Gateway mutually authenticate. Each side of the connection (each peer) digitally signs the DH public key using their private key. Then each side verifies the digital signature of its peer using the public key embedded in the certificate it receives from the peer. Rather than signing the 2048 bit DH public key, each peer takes a hash of the key and then signs the hashed data with the private key.
The SigningHashAlgorithm property indicates what hash algorithm is applied to the DH public key before performing the signature operation.
Default Property Value
The default setting is “SHA256”.
|“SHA256” (default)||Specifies the SHA256 algorithm.|
|“SHA512”||Specifies the SHA512 algorithm, for stronger encryption.|
Supporting Mechanisms for SigningHashAlgorithm
|PROXY||May Be Edited|
- Use the default setting if possible.
- Edit this property only on a Teradata Database system connected to Unity. As part of the token exchanges, the Teradata Gateway communicates the hash algorithm to Unity.
- You can specify SHA512 for stronger hash encryption during proxy authentication, but there is a slight degradation in logon performance if the stronger encryption is used.
Also see Coordinating Mechanism Property Values.