Enabling SAML Authentication in an Informatica 10.2.x Domain

Enabling SAML Authentication in an Informatica 10.2.x Domain

Step 3. Import the Certificate into the Truststore Used for SAML Authentication

Step 3. Import the Certificate into the Truststore Used for SAML Authentication

Import the assertion signing certificate into the truststore file used for SAML authentication on every gateway node within the Informatica domain.
You can import the certificate into the default Informatica truststore file, or into a custom truststore file.
The file name of the default Informatica truststore file is
infa_truststore.jks
. The file is installed in the following location on each node:
<Informatica installation directory>\services\shared\security\infa_truststore.jks
Do not replace the default
infa_truststore.jks
file with a custom truststore file.
If you import the certificate into a custom truststore file, you must save the truststore file in a different directory than the directory containing the default Informatica truststore file. The truststore file name must be
infa_truststore.jks
.
You can use the Java keytool key and certificate management utility to create an SSL certificate or a certificate signing request (CSR) as well as keystores and truststores in JKS format. The keytool is available in the following directory on domain nodes:
<Informatica installation directory>\java\bin
If the domain nodes run on AIX, you can use the keytool provided with the IBM JDK to create an SSL certificate or a Certificate Signing Request (CSR) as well as keystores and truststores.
  1. Copy the certificate files to a local folder on a gateway node within the Informatica domain.
  2. From the command line, go to the location of the keytool utility on the node.
  3. Run the keytool utility to import the certificate.
  4. Restart the node.

0 COMMENTS

We’d like to hear from you!