16.10 - When the Directory Supports SSL - Teradata Database

Teradata Database Security Administration

prodname
Teradata Database
vrm_release
16.10
created_date
June 2017
category
Administration
Security
featnum
B035-1100-161K

If the directory server supports either SSL only, or SSL and TLS, you can use the following procedures to obtain the server certificate chain from each directory server instance that the Teradata Database, and Teradata Unity (if used) must access. The procedure collects the certificates into a directory and then creates hashes for them.

For each directory server to which Teradata Database must connect, run the following command from the Teradata command prompt:

openssl s_client -connect server_name:port -showcerts </dev/null

where:

  • server_name is the directory server DNS name
  • port is the port where SSL is listening, normally 636

The command produces output that shows the certificate chain.