16.10 - When the Directory Supports SSL - Teradata Database

Teradata Database Security Administration

Product
Teradata Database
Release Number
16.10
Release Date
June 2017
Content Type
Administration
Security
Publication ID
B035-1100-161K
Language
English (United States)

If the directory server supports either SSL only, or SSL and TLS, you can use the following procedures to obtain the server certificate chain from each directory server instance that the Teradata Database, and Teradata Unity (if used) must access. The procedure collects the certificates into a directory and then creates hashes for them.

For each directory server to which Teradata Database must connect, run the following command from the Teradata command prompt:

openssl s_client -connect server_name:port -showcerts </dev/null

where:

  • server_name is the directory server DNS name
  • port is the port where SSL is listening, normally 636

The command produces output that shows the certificate chain.