IMDB Encryption
The Certificate Manager is where administrators can add, edit, and manage certificates used when Pyramid connects to various data sources. For In-Memory Databases (IMDB) only, you can add a Public + Private certificate pair. Adding the public key to the certificate manager adds it to the trust store. Installing the private key and associating it with your data source allows it to be used for your server-side connections.
Note: We can only manage private key encryption for In Memory Databases that are installed by Pyramid and are inside the Pyramid cluster. For more general information about certificates, see Certificate Manager.
Step 1 - Add your Public+Private Certificate Pair to Certificate Manager
From the Admin Console's Security > Certificate Manager page:
- Click Public+Private Certs.
- Specify the name and description of your certificate pair.
-
Specify your keys:
- In the Unencrypted Private Key (Base64) field, paste the unencrypted private key that you want to use for server-side connection authentication.
- In the Public Certificate (Base64) field, paste the unencrypted public key that you want to use for client-side connection authentication.
-
From the top of the Upload Certificate panel , click Save.
If your details are valid, the A restart is needed dialog opens. This dialog describes the services that need to be restarted and lets you choose when you want to restart and apply the changes to your certificates:- Click Restart Services Manually or close (X) to the top-right to close the dialog and manually restart your services at a convenient time in the future.
- Otherwise, click Restart Services Now.
The Add Certificate panel opens at the bottom of the page.
Tip: You will need to select this pair from the Secure Connection options for your IMDB data source (Data > Data Sources > Security) in a later step, so make sure this name is meaningful and easy to recognize.
Step 2 - Link to IMDB Data source in the Data Source pages
- From the main menu, click Data > Data Source.
- Locate your In Memory Database in the list and edit its Secure Connection to create the association between the data source and your private key:
Step 3 - Manually Restart your Services
If you did not restart your services automatically at the end of the upload process, you need to restart the following services to ensure your certificates are used:
For a public + private certificate pair, you need to restart:
- Runtime Engines.
- Task Engines.
- If the private certificate is assigned to an In Memory Database, that In Memory Database (IMDB) also needs restarting.
For details describing how to restart these services in Pyramid, see Restarting Services.