8.12 Veridata Keystore Files

PKCS#12 Keystores in Veridata

Veridata uses PKCS#12 keystore files for web SSL and for the vericom command-line tool. The Veridata Configuration Assistant can create the vdtWebKeystore.p12 web keystore by using either of the following options:

  • Use Veridata Self-Signed Certificate
  • Upload Custom PEM Files
vdtWebKeystore.p12 with a self-signed certificate
When you select Veridata Self-Signed Certificate, Veridata generates a private key and a self-signed TLS certificate, and then packages them into the vdtWebKeystore.p12 PKCS#12 keystore. This keystore is used for Veridata web SSL.
  • Keystore file: vdtWebKeystore.p12
  • Purpose: Stores the self-signed TLS certificate and private key used for Veridata web SSL
  • Key Generation Method: Veridata uses openssl genrsa to generate the private key
  • Algorithm: RSA
  • Key Length: 2048 bits
  • Certificate Validity: 30 days
vdtWebKeystore.p12 with a custom certificate
When you select Upload Custom PEM Files, Veridata packages the user-provided server certificate, private key, and CA certificate chain into the vdtWebKeystore.p12 PKCS#12 keystore. In this case, Veridata does not generate the key or certificate.
  • Keystore file:vdtWebKeystore.p12
  • Purpose : Stores the user-provided server certificate, private key, and CA certificate chain used for Veridata web SSL
  • Key Generation Method: Not generated by Veridata; the existing user-provided key and certificate are packaged into PKCS#12 format
  • Algorithm: Determined by the user-provided key and certificate
  • Key Length: Determined by the user-provided key
  • Certificate Validity: Determined by the validity period of the user-provided certificate
veridata-23c.p12 file
The veridata-23c.p12 file is located in the cli/config directory. This PKCS#12 keystore contains a Veridata self-signed certificate and is used by the Veridata vericom command-line tool.
  • Keystore File: veridata-23c.p12
  • Purpose: Stores the self-signed TLS certificate and private key used by the vericom command-line tool
  • Key Generation Method: Veridata uses openssl genrsa to generate the private key
  • Algorithm: RSA
  • Key Length: 2048 bits
  • Certificate Validity: 30 days

MySQL Key Files

For details on MySQL key files and secure connections, refer to the official MySQL documentation: https://dev.mysql.com/doc/mysql-secure-deployment-guide/8.0/en/secure-deployment-secure-connections.html.

Parent topic: Secure