Enabling SSL in Denodo Platform Tools

When SSL is enabled in a Denodo Platform server, all their clients have to trust the public key of the server. This includes the administration tools of the Denodo Platform.

If, instead of importing it into the <DENODO_HOME>/jre/lib/security/cacerts TrustStore, you created a new TrustStore, do the following steps. Otherwise, jump to the next section.

  1. Open the following files:
    • <DENODO_HOME>/conf/itp-admin-tool/ITPAdminConfiguration.properties (configuration file of the ITPilot Wrapper Generator Tool)
    • <DENODO_HOME>/conf/itpilot-client/ConfigurationParameters.properties
    • <DENODO_HOME>/conf/vdp-admin/VDBAdminConfiguration.properties (configuration file of the Virtual DataPort Administration Tool)
    • <DENODO_HOME>/tools/monitor/denodo-monitor/conf/ConfigurationParameters.properties (configuration file of the Denodo Monitor Tool)
  2. In the files opened in the previous step, uncomment the following property and change its value:
    • com.denodo.security.ssl.trustStore=path to the new TrustStore.

The scripts of the Denodo Tools do not have a configuration file. To redefine the default TrustStore that they use, you have to define the javax.net.ssl.trustStore Java system property. For example:

  • For Windows:
SET JAVA_OPTS=-Djavax.net.ssl.trustStore=<DENODO_HOME>/jre/lib/security/cacerts
  • For Unix:
export JAVA_OPTS=-Djavax.net.ssl.trustStore=<DENODO_HOME>/jre/lib/security/cacerts