Table of Contents

Search

  1. Preface
  2. Part 1: Introduction
  3. Part 2: Configuring Hub Console Tools
  4. Part 3: Building the Data Model
  5. Part 4: Configuring the Data Flow
  6. Part 5: Executing Informatica MDM Hub Processes
  7. Part 6: Configuring Application Access
  8. Appendix A: MDM Hub Properties
  9. Appendix B: Viewing Configuration Details
  10. Appendix C: Row-level Locking
  11. Appendix D: MDM Hub Logging
  12. Appendix E: Table Partitioning
  13. Appendix F: Collecting MDM Environment Information with the Product Usage Toolkit
  14. Appendix G: Informatica Platform Staging
  15. Appendix H: Informatica Platform Mapping Examples
  16. Appendix I: Glossary

Creating Keystores, Truststore, and Certificates (Optional)

Creating Keystores, Truststore, and Certificates (Optional)

After you install Elasticsearch, you can create keystores, truststore, and security certificates that are required to secure the communication between the MDM Hub and Elasticsearch. To create keystores, truststore, and certificates, run the
sip_ant
script on only one of the machines that has the Hub Server installed. Then, copy the keystores, truststore, and certificates to all the other machines on which the Hub Server is installed.
You can create keystores, truststore, and certificates without using the
sip_ant
script.
The following table describes the keystores and truststore that are required:
Keystore/Truststore Name
Description
MDM_ESCLIENT_FILE_JKS.keystore
Elasticsearch keystore that contains the client certificate and its key.
MDM_ESKEYSTORE_FILE_JKS.keystore
Elasticsearch keystore that contains the client and node certificates. If the Elasticsearch cluster has multiple nodes, all the nodes use the certificates.
MDM_ESTRUSTSTORE_FILE_JKS.keystore
Elasticsearch truststore that contains the signed certificate for the client and Elasticsearch nodes.
  1. Open a command prompt, and navigate to the following directory on one of the machines that has the Hub Server installed:
    <
    MDM Hub installation directory
    >/hub/server/bin
  2. To create the keystores, truststore, and certificates, run the following command:
    On UNIX.
    sip_ant.sh generate_mdm_es_store
    On Windows.
    sip_ant.bat generate_mdm_es_store
  3. When prompted for a password for the keystores and truststore, specify a password.
    The keystores, truststore, and certificates are created in the following directory:
    <
    MDM Hub installation directory
    >/hub/server/resources/certificates
  4. Copy the following keystores and truststore to the
    <Elasticsearch installation directory>/config
    directory of each Elasticsearch installation:
    • MDM_ESCLIENT_FILE_JKS.keystore
    • MDM_ESKEYSTORE_FILE_JKS.keystore
    • MDM_ESTRUSTSTORE_FILE_JKS.keystore
  5. Copy the following keystore and truststore to the
    <
    MDM Hub installation directory
    >/hub/server/resources/certificates
    directory of each Hub Server node that is part of the Elasticsearch cluster:
    • MDM_ESCLIENT_FILE_JKS.keystore
    • MDM_ESTRUSTSTORE_FILE_JKS.keystore

0 COMMENTS

We’d like to hear from you!