Replication Service Connection for TLS 1.2 | Teradata Data Mover - 17.11 - Setting up a TLS 1.2 Connection for Replication Service - Teradata Data Mover

Teradata® Data Mover Installation, Configuration, and Upgrade Guide for Customers

Product
Teradata Data Mover
Release Number
17.11
Release Date
October 2021
Content Type
Administration
Configuration
Installation
Publication ID
B035-4102-091K
Language
English (United States)

Perform the following steps to set up TLS 1.2 for the PostgreSQL Replication Service using your own certificates:

  1. If active, stop the failover monitoring service:
    /opt/teradata/client/nn.nn/datamover/failover/dmcluster stopmonitor

    Where nn.nn in the path refers to the version numbers of Data Mover.

  2. Run the following on both the primary and secondary systems:
    1. Edit the /var/opt/teradata/postgres/data/postgresql.conf configuration file.
    2. Replace the following properties with your certificate files:
      • ssl_cert_file=server certificate
      • ssl_key_file=server private key
      • ssl_ca_file=trusted certificate authorities

      For more information on these properties, refer to https://www.postgresql.org/docs/10/runtime-config-connection.html#GUC-SSL-CERT-FILE.

    3. Stop the Daemon service:
      /etc/init.d/dmdaemon stop
    4. Stop the DSC service:
      /etc/init.d/dsc stop
    5. Restart the Postgres service:
      /etc/init.d/postgresql restart
    6. Start the DSC service:
      /etc/init.d/dsc start
    7. Start the Daemon service:
      /etc/init.d/dmdaemon start
  3. Start the failover monitoring service if it was previously configured:
    /opt/teradata/client/nn.nn/datamover/failover/dmcluster startmonitor