Hi, I'm Ask INFA!
What would you like to know?
ASK INFAPreview
Please to access Ask INFA.
Communities
A collaborative platform to connect and grow with like-minded Informaticans across the globe
Product Communities
Connect and collaborate with Informatica experts and champions
Discussions
Have a question? Start a Discussion and get immediate answers you are looking for
User Groups
Customer-organized groups that meet online and in-person. Join today to network, share ideas, and get tips on how to get the most out of Informatica
Get Started
Community Guidelines
Knowledge Center
Troubleshooting documents, product guides, how to videos, best practices, and more
Knowledge Base
One-stop self-service portal for solutions, FAQs, Whitepapers, How Tos, Videos, and more
Support TV
Video channel for step-by-step instructions to use our products, best practices, troubleshooting tips, and much more
Documentation
Information library of the latest product documents
Velocity (Best Practices)
Best practices and use cases from the Implementation team
Learn
Rich resources to help you leverage full capabilities of our products
Trainings
Role-based training programs for the best ROI
Certifications
Get certified on Informatica products. Free, Foundation, or Professional
Product Learning Paths
Free and unlimited modules based on your expertise level and journey
Resources
Library of content to help you leverage the best of Informatica products
Tech Tuesdays Webinars
Most popular webinars on product architecture, best practices, and more
Product Availability Matrix
Product Availability Matrix statements of Informatica products
SupportFlash
Monthly support newsletter
Support Documents
Informatica Support Guide and Statements, Quick Start Guides, and Cloud Product Description Schedule
Product Lifecycle
End of Life statements of Informatica products
Ideas
Events
Change Request Tracking
Marketplace
English
  • Cloud Data Integration for PowerCenter
  • All Products

Table of Contents

Search

  1. Preface
  2. Getting started
  3. Before you begin
  4. Installing Secure Agents
  5. Create a CDI-PC domain
  6. Join a CDI-PC domain
  7. Run the silent installer
  8. Resuming an installation
  9. Before you migrate the Informatica domain
  10. Migrate the domain
  11. Migrate the domain with changes to node configuration
  12. Migrate the domain in silent mode
  13. After you migrate the domain
  14. Install the CDI-PC Client
  15. EBF installation
  16. Uninstall Cloud Data Integration for PowerCenter (CDI-PC)
  17. Uninstalling the CDI-PC Client
  18. Uninstalling the Secure Agent
  19. Appendix A: CDI-PC components

Installation Guide

Installation Guide

Back Next

Configure domain settings and secure communication

Configure domain settings and secure communication

Choose to create a domain and enter port and keystore file information to configure secure configuration between the
CDI-PC domain
 and the Administrator tool.
  1. Select
    Create a domain
    .
    When you create a domain, the node that you create becomes a gateway node in the domain. The gateway node contains a Service Manager that manages all domain operations.
  2. Enter the HTTPS port number for the Administrator tool.
    Default is 8443.
  3. Enter the absolute path to the custom keystore file to configure secure communication between the Administrator tool and the domain.
    Use the keystore that's in
    .jks
     format.
  4. Enter the keystore password.
  5. To configure Security Assertion Markup Language (SAML) based single sign-on (SSO) support for web-based Informatica applications in an Informatica domain, select the checkbox to enable SAML authentication.
    If you do not want to enable SAML authentication option, skip to Configure secure communication.
  6. Click
    Next
    .
    If you select the checkbox to enable SAML authentication option, the
    SAML Authentication
     page appears.
  7. Enter the Identity Provider URL for the domain.
  8. Specify the relying party trust name or the service provider identifier for the domain as defined in the identity provider.
    If you choose
    No
    , the service provider identifier is set to
    Informatica
    .
  9. Specify whether or not the IdP will sign the SAML assertion.
  10. Enter the identity provider assertion signing certificate alias name.
  11. Provide the password to access the private key to use when decrypting the assertion encryption key.
  12. Enter the directory where you store your custom TLS certificates to enable SAML authentication in the domain.
    Specify the directory only, not the full path to the file.
  13. Specify the location and passwords of the keystore and truststore files.
    The following table describes the location and password of the truststore and keystore files:
    Property
    Description
    Truststore Directory
    The directory containing the custom truststore file. Specify the directory only, not the full path to the file.
    Truststore Password
    The password for the custom truststore file.
    Keystore Directory
    The directory containing the custom keystore file.
    Keystore Password
    The password for the custom keystore file.
  14. To specify the
    Authentication Context Comparison
    , specify the strength comparison of the authentication mechanism used by the user with the IdP server.
    Supported values are MINIMUM, MAXIMUM, BETTER, or EXACT option. Default is MINIMUM.
  15. To set the
    Authentication Context Class
    , specify the expected mechanism of first time authentication of the user with the IdP server.
    Supported values are PASSWORD or PASSWORDPROTECTEDTRANSPORT. Default is PASSWORD.
  16. Specify whether or not you want to enable the webapp to sign the SAML authentication request.
    Default is disabled.
  17. Specify the alias name of the private key that was imported to the node SAML keystore using which the SAML request should be signed.
  18. Specify the password to access the private key used for signing the SAML request.
  19. Specify the algorithm that the web application uses to sign the SAML request.
    Use one of the following values:
    RSA_SHA256, DSA_SHA1, DSA_SHA256, RSA_SHA1, RSA_SHA224, RSA_SHA384, RSA_SHA512, ECDSA_SHA1, ECDSA_SHA224, ECDSA_SHA256, ECDSA_SHA384, ECDSA_SHA512, RIPEMD160, or RSA_MD5
    .
  20. Specify whether or not you want IdP to sign the SAML response.
    Choose this to enable the webapp to receive the signed SAML response. Default is disabled.
  21. Specify whether or not IdP will encrypt the SAML assertion.
    Choose this to enable the webapp to receive an encrypted SAML assertion. Default is enabled.
  22. Specify the alias name of the private key present in the gateway node SAML truststore that Informatica uses to decrypt the SAML assertion.
  23. Provide the password to access the private key to use when decrypting the assertion encryption key.
  24. Click
    Next
    .
    The
    Domain Security - Secure Connection
     page appears.
0 COMMENTS
We’d like to hear from you!