Table of Contents

Search

  1. Preface
  2. Part 1: Hadoop Integration
  3. Part 2: Databricks Integration
  4. Appendix A: Connections Reference

Import Security Certificates to Clients

Import Security Certificates to Clients

When you use custom, special, or self-signed security certificates to secure the Hadoop cluster, Informatica clients that connect to the cluster require these certificates to be present in the client machine truststore.
Perform this task in the following situations:
  • You are integrating for the first time.
  • You upgraded from version 10.1.1 or earlier.
To connect to the Hadoop cluster to develop a mapping, the Developer tool requires security certificate aliases on the machine that hosts the Developer tool. To run a mapping, the machine that hosts the Data Integration Service requires these same certificate alias files.
Perform the following steps from the Developer tool host machine, and then repeat them from the Data Integration Service host machine:
  1. Run the following command to export the certificates from the cluster:
    keytool -export -alias <alias name> -keystore <custom.truststore file location> -file <exported certificate file location> -storepass <password>
    For example,
    keytool -export -alias <alias name> -keystore ~/custom.truststore -file ~/exported.cer
    The command produces a certificate file.
  2. Choose to import security certificates to an SSL-enabled domain or a domain that is not SSL-enabled using the following command:
    keytool -import -trustcacerts -alias <alias name> -file <exported certificate file location> -keystore <java cacerts location> -storepass <password>
    For example,
    keytool -import -alias <alias name> -file ~/exported.cer -keystore <Informatica installation directory>/java/jre/lib/security/cacerts