Table of Contents

Search

  1. Preface
  2. Introduction to Data Engineering Administration
  3. Authentication
  4. Running Mappings on a Cluster with Kerberos Authentication
  5. Authorization
  6. Cluster Configuration
  7. Cloud Provisioning Configuration
  8. Data Integration Service Processing
  9. Appendix A: Connections Reference
  10. Appendix B: Monitoring REST API

Import Security Certificates from a TLS-Enabled Domain

Import Security Certificates from a TLS-Enabled Domain

When the domain is configured to use TLS, you must import the certificates to the default or custom truststore file that the Informatica domain uses.
Default truststore file
If the domain is TLS-enabled and the cluster uses server managed keys, you must import the Baltimore CyberTrust Root certificate to the default truststore file.
Use the
keytool
utility to import the security certificate.
The default truststore file is located in the following directory:
<Informatica installation home>/services/shared/security/infa_truststore.jks
Custom truststore file
If the domain is TLS-enabled with a custom truststore file, and the cluster uses server managed keys, get the custom truststore file location from Informatica Administrator, and then import the Baltimore CyberTrust Root certificate to the custom truststore file.
Use the
keytool
utility to import the security certificate.
To get the custom truststore file location, perform the following steps:
  1. In the Administrator tool, click the Manage tab.
  2. Click the Services and Nodes view.
  3. In the Domain Navigator, select the domain.
  4. Get the custom truststore file location from the domain properties.
You can download the Baltimore CyberTrust Root certificates from https://www.digicert.com/digicert-root-certificates.htm.
For more information about downloading the certificates, see https://docs.microsoft.com/en-us/azure/java-add-certificate-ca-store.

0 COMMENTS

We’d like to hear from you!