Applies to:
Denodo 8.0
,
Denodo 7.0
,
Denodo 6.0
Last modified on: 22 Mar 2018
Tags:
SSL
Goal
This document describes how to configure VDP to connect to data sources that use an SSL connection.
Content
When Virtual DataPort establishes an SSL connection with a data source, the data source presents a certificate. Virtual DataPort relies on the Java Cryptography Architecture (JCA) to check if the certificate is valid. JCA accepts certificates signed by known Certificate Authorities (CA). To see the list of known CA execute the below command,
$cd <DENODO_HOME>/jre/bin
$keytool -list -keystore <JAVA_HOME>\lib\security\cacerts
However, if the certificate used by the server is signed by an authority not present in this list, you have to import this certificate into the list of trusted certificates (called TrustStore).
To import a certificate into the TrustStore of the Java Runtime Environment (JRE), execute the following commands:
$cd <DENODO_HOME>/jre/bin
$keytool -importcert -alias <name of the certificate> -file <newcertificate>.crt –keystore ../lib/security/cacerts
This command will prompt for the password of the TrustStore, which by default is “changeit” (without the quotes).
Explanation of the parameters:
To check that the certificate has been imported correctly, execute this command:
$keytool -list -v -alias <name of the certificate> -keystore ..\lib\security\cacerts
After adding a certificate, the Virtual DataPort server needs to be restarted to save the changes.