Table of Contents

Search

  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Security Domains
  5. Kerberos Authentication Setup
  6. Domain Security
  7. Security Management in Informatica Administrator
  8. Users and Groups
  9. Privileges and Roles
  10. Permissions
  11. Audit Reports
  12. Command Line Privileges and Permissions
  13. Custom Roles

Using a Self-Signed SSL Certificate

Using a Self-Signed SSL Certificate

You can connect to an LDAP server that uses an SSL certificate signed by a certificate authority (CA). By default, the Service Manager does not connect to an LDAP server that uses a self-signed certificate.
To use a self-signed certificate, import the self-signed certificate into a truststore file and use the INFA_JAVA_OPTS environment variable to specify the truststore file and password:
setenv INFA_JAVA_OPTS -Djavax.net.ssl.trustStore=<
TrustStoreFile
> -Djavax.net.ssl.trustStorePassword=<
TrustStorePassword
>
On Windows, configure INFA_JAVA_OPTS as a system variable.
Restart the node for the change to take effect. The Service Manager uses the truststore file to verify the SSL certificate.
keytool
is a key and certificate management utility that allows you to generate and administer keys and certificates for use with the SSL security protocol. You can use keytool to create a truststore file or to import a certificate to an existing truststore file. You can find the keytool utility in the following directory:
<PowerCenterClientDir>\CMD_Utilities\PC\java\bin
For more information about using keytool, see the documentation on the following web site: http://docs.oracle.com/javase/7/docs/technotes/tools/windows/keytool.html.
The software available for download at the referenced links belongs to a third party or third parties, not Informatica LLC. The download links are subject to the possibility of errors, omissions or change. Informatica assumes no responsibility for such links and/or such software, disclaims all warranties, either express or implied, including but not limited to, implied warranties of merchantability, fitness for a particular purpose, title and non-infringement, and disclaims all liability relating thereto.


Updated April 29, 2019