Configuring the SSL certificate
About this task
By default, the system and clients do not use peer authentication to verify each other's identity. If you want to authenticate connection peers, you must create or obtain from a CA vendor the server certificate and keys file and the CA root certificate for the client users. The Netezza Performance Server system has a default set of server certificates and keys files (server-cert.pem and server-keys.pem) in the /nz/data/security directory. Netezza Performance Server supports files that use the .pem format.
If you use your own CA certificate files, make sure that you save the server CA files in a location under the /nz directory. If you have an HA Netezza Performance Server system, save the certificates on the shared drive under /nz so that either host can access the files by using the same path name. You must also edit the /nz/data/postgresql.conf file to specify your server certificate files.
To edit the postgresql.conf file to add your own CA server certificate and keys files, complete the following steps:
Procedure
Results
Any changes that you make to the postgresql.conf file take effect the next time that the Netezza Performance Server system is stopped and restarted.