Steps to acquire SSL certificates for netezza
This guide outlines two methods to acquire SSL certificates for secure connection to a Netezza instance.
Acquire certificates via browser
1: Download certificates from browser
- Open the console link to the instance in any browser.
- Locate the lock icon or “Secure” indicator next to the URL.
- Click "Connection is secure", then click "Certificate is valid".
- In the certificate dialog, go to the "Details" tab.
- Under “Certificate Hierarchy”, select each certificate one by one and click "Export...".
- You should now have three certificates downloaded to your system.
2: Combine certificates
Create a file named certificate.crt
and paste the contents of the three certificates in the following order:
- Domain Certificate (starts with
*.eastus2.data...
) - Intermediate Certificate (ends with
CA1
) - Root Certificate (ends with
GA2
)
3: Use certificate to connect to netezza
Use the certificate.crt
file with the nzsql
utility:
$ nzsql -h xxxxxxxx -db system -securityLevel onlySecured -caCertFile certificate.crt -u admin -pw XXXXX
Welcome to nzsql, the IBM Netezza SQL interactive terminal.
Type: \h for help with SQL commands
\? for help on internal slash commands
\g or terminate with semicolon to execute query
\q to quit
SSL enabled connection. Cipher: TLS_AES_256_GCM_SHA384, bits: 256, protocol: TLSv1.3
SYSTEM.ADMIN(ADMIN)=> \q
You now have the certificate.crt
file ready. This file can be shared with the customer for secure access.