Table of Contents

Search

  1. About the Security Guide
  2. Introduction to Informatica Security
  3. User Authentication
  4. LDAP Authentication
  5. Kerberos Authentication
  6. SAML Authentication for Informatica Web Applications
  7. Domain Security
  8. Security Management in Informatica Administrator
  9. Users and Groups
  10. Privileges and Roles
  11. Permissions
  12. Audit Reports
  13. Command Line Privileges and Permissions
  14. Custom Roles
  15. Default List of Cipher Suites

Import the Certificate into the Truststore Used for SAML Authentication

Import the Certificate into the Truststore Used for SAML Authentication

Import the assertion signing certificate used by the identity provider into the truststore file used for SAML authentication on every gateway node within the Informatica domain.
You can import the certificate into the default Informatica truststore file, or into a custom truststore file.
The file name of the default Informatica truststore file is
infa_truststore.jks
. The file is installed in the following location on each node:
<Informatica installation directory>\services\shared\security\infa_truststore.jks
Do not replace the default
infa_truststore.jks
file with a custom truststore file.
If you import the certificate into a custom truststore file, you must save the truststore file in a different directory than the directory containing the default Informatica truststore file. The truststore file name must be
infa_truststore.jks
.
You can use the Java keytool key and certificate management utility to create an SSL certificate or a certificate signing request (CSR) as well as keystores and truststores in JKS format. The keytool is available in the following directory on domain nodes:
<Informatica installation directory>\java\bin
If the domain nodes run on AIX, you can use the keytool provided with the IBM JDK to create an SSL certificate or a Certificate Signing Request (CSR) as well as keystores and truststores.
  1. Copy the certificate files to a local folder on a gateway node within the Informatica domain.
  2. From the command line, go to the location of the keytool utility on the node.
  3. Run the keytool utility to import the certificate.
  4. Restart the node.


Updated June 26, 2020