Table of Contents

Search

  1. Preface
  2. Part 1: Hadoop Integration
  3. Part 2: Databricks Integration
  4. Appendix A: Connections Reference

Import Security Certificates from a TLS-Enabled Domain

Import Security Certificates from a TLS-Enabled Domain

When the domain is configured to use TLS, you must import the certificates to the default or custom truststore file that the Informatica domain uses.
Default truststore file
If the domain is TLS-enabled and the cluster uses server managed keys, you must import the Baltimore CyberTrust Root certificate to the default truststore file.
Use the
keytool
utility to import the security certificate.
The default truststore file is located in the following directory:
<Informatica installation home>/services/shared/security/infa_truststore.jks
Custom truststore file
If the domain is TLS-enabled with a custom truststore file, and the cluster uses server managed keys, get the custom truststore file location from Informatica Administrator, and then import the Baltimore CyberTrust Root certificate to the custom truststore file.
Use the
keytool
utility to import the security certificate.
To get the custom truststore file location, perform the following steps:
  1. In the Administrator tool, click the Manage tab.
  2. Click the Services and Nodes view.
  3. In the Domain Navigator, select the domain.
  4. Get the custom truststore file location from the domain properties.
You can download the Baltimore CyberTrust Root certificates from https://www.digicert.com/digicert-root-certificates.htm.
For more information about downloading the certificates, see https://docs.microsoft.com/en-us/azure/java-add-certificate-ca-store.