Create TLS Certificates for Replication and Client/Server
By default, TimesTen replication transmits data between your TimesTen databases unencrypted. In addition, in a TimesTen Client/Server environment, by default data is transmitted unencrypted between your application and your TimesTen database.
You can choose to enable encryption for replication and for Client/Server through the use of Transport Layer Security (TLS). TimesTen provides the ttCreateCerts
utility to generate self-signed certificates for TLS. For more information on TLS certificates and wallets, see About Using Certificates with Client/Server in the Oracle TimesTen In-Memory Database Security
Guide.
Note:
Java must be installed on your development host in order for you to use the ttCertsCreate
utility. The utility searches for Java according to the JRE_HOME
, JAVA_HOME
, and PATH
settings.
The ttCreateCerts
utility is located in the /bin
directory of a TimesTen instance. The utility creates three wallets: rootWallet
, clientWallet
, and serverWallet
.
From your Linux development host, perform these steps to create the certificates.
You have successfully created the certificates that can be used for TLS for both replication and TimesTen Client/Server. You are now ready to configure and use TLS for replication, for Client/Server, or for both replication and Client/Server.