Table of Contents

Search

  1. Preface
  2. Part 1: Installation Getting Started
  3. Part 2: Before You Install the Services
  4. Part 3: Run the Services Installer
  5. Part 4: After You Install the Services
  6. Part 5: Informatica Client Installation
  7. Part 6: Uninstallation
  8. Appendix A: Starting and Stopping Informatica Services
  9. Appendix B: Connecting to Databases from UNIX or Linux
  10. Appendix C: Connecting to Databases from Windows
  11. Appendix D: Updating the DynamicSections Parameter of a DB2 Database

Installation for PowerCenter and Data Quality

Installation for PowerCenter and Data Quality

Domain Security - Secure Communication

Domain Security - Secure Communication

After you configure the domain, you can configure domain security.
  1. On the
    Domain Security - Secure Communication
    page, specify whether to use the default Informatica SSL certificates or to use your SSL certificates to enable secure communication in the domain.
    This image describes about selecting the security certificates to secure the domain.
    The following table describes the SSL certificate options for securing the Informatica domain:
    Option
    Description
    Use the default Informatica SSL certificates
    Use the default SSL certificates provided by Informatica.
    If you do not provide an SSL certificate, Informatica uses the same default private key for all Informatica installations. If you use the default Informatica keystore and truststore files, the security of your domain could be compromised. To ensure a high level of security for the domain, select the option to specify the location of the SSL certificate files.
    Use custom SSL certificates
    Specify the path of the keystore and truststore files that contain the SSL certificates.
    You can provide a self-signed certificate or a certificate issued by a certificate authority (CA). You must provide SSL certificates in PEM format and in Java Keystore (JKS) files.
    Informatica requires specific names for the SSL certificate files for the Informatica domain. You must use the same SSL certificates for all nodes in the domain.
    Store the truststore and keystore files in a directory accessible to all the nodes in the domain and specify the same keystore file directory and truststore file directory for all nodes in the same domain.
    To set the private truststore files, you must manually import the certificates. Run the
    keytool
    command in the
    <INFA_JDK_HOME>
    directory to import the private truststore certificates. For example, use the following keytool command:
    keytool -noprompt -importkeystore -srckeystore <source truststore file path> -srcstorepass <source truststore file password> -srcalias <alias> -srcstoretype JKS -destkeystore <destination truststore file path> -deststorepass <destination truststore file password> -keypass <private key password> -deststoretype JKS
  2. If you provide the security certificates, specify the location and passwords of the keystore and truststore files.
    The following table describes the parameters that you must enter for the SSL certificate files:
    Property
    Description
    Keystore file directory
    Directory that contains the keystore files. The directory must contain files named infa_keystore.jks and infa_keystore.pem.
    Keystore password
    Password for the keystore infa_keystore.jks.
    Truststore file directory
    Directory that contains the truststore files. The directory must contain files named infa_truststore.jks and infa_truststore.pem.
    Truststore password
    Password for the infa_truststore.jks file.
  3. Click
    Next
    .
    The
    Domain Configuration Repository
    page appears.