Continuent Documentation

Manual Home
Tungsten Replicator 7.1 Manual
Page in Other Manuals
Tungsten Replicator 7.0 Manual
Tungsten Clustering (for MySQL) 6.1 Manual
Tungsten Clustering (for MySQL) 7.1 Manual
Tungsten Replicator 6.1 Manual
Tungsten MI (TMI)
Tungsten Clustering (for MySQL) 8.0 Manual
Tungsten Replicator 8.0 Manual
Tungsten Clustering (for MySQL) 7.0 Manual
Breadcrumbs
> Tungsten Replicator 7.1 Manual

       > 9. The tpm Deployment Command

       > 9.5. tpm Commands

       > 9.5.2. tpm cert Command
Chapters
Preface
1. Introduction
2. Deployment Overview
3. Deploying MySQL Extractors
4. Deploying Appliers
5. Deployment: Advanced
6. Deployment: Security
7. Operations Guide
8. Command-line Tools
9. The tpm Deployment Command
10. Tungsten REST APIv2
11. Replication Filters
12. Performance and Tuning
A. Release Notes
B. Prerequisites
C. Troubleshooting
D. Files, Directories, and Environment
E. Terminology Reference
F. Internals
G. Frequently Asked Questions (FAQ)
Navigate Up
9.5.2. tpm cert Command
Parent Sections
9.5.2.1. tpm cert Usage
9.5.2.2. tpm cert {typeSpec}, Defined
9.5.2.3. {typeSpec} definitions
9.5.2.4. {passwordSpec} definitions
9.5.2.5. tpm cert: Getting Started - Basic Examples
9.5.2.6. tpm cert: Getting Started - Functional Database Cert Rotation Example
9.5.2.7. tpm cert: Getting Started - Conversion to Custom-Generated Security Files Example
9.5.2.8. tpm cert: Getting Started - Advanced Example
9.5.2.9. Using tpm cert add
9.5.2.10. Using tpm cert aliases
9.5.2.11. Using tpm cert ask
9.5.2.12. Using tpm cert backup
9.5.2.13. Using tpm cert cat
9.5.2.14. Using tpm cert changepass
9.5.2.15. Using tpm cert clean
9.5.2.16. Using tpm cert diff
9.5.2.17. Using tpm cert example
9.5.2.18. Using tpm cert info
9.5.2.19. Using tpm cert list
9.5.2.20. Using tpm cert gen
9.5.2.21. Using tpm cert remove
9.5.2.22. Using tpm cert rotate
9.5.2.23. Using tpm cert vi
9.5.2.8. tpm cert: Getting Started - Advanced Example
Prev  ^Up9.5.2. tpm cert Command Next

9.5.2.8. tpm cert: Getting Started - Advanced Example

9.5.2.8. --- Summary ---
9.5.2.8. --- Details ---

You may want to provide your own certificates, or have installed with disable-security-controls=true, and now wish to enable security. If so, tpm cert is for you.

In the following advanced example, we will rotate the database certs using a source .pfx file.

--- Summary ---
--- Details ---

  • Displays example tungsten.env contents 

    shell> tpm cert example env

  • Create a new $CONTINUENT_ROOT/share/tungsten.env file, which defaults to example id 1: 

    shell> tpm cert gen env 2

  • Run vi $CONTINUENT_ROOT/share/tungsten.env 

    shell> tpm cert vi env

export BASE_DIR=/etc/tungsten/secure
export BATCH="pfx2p12,JK,TS,CJ,CT"

  • Display variables set in $CONTINUENT_ROOT/share/tungsten.env 

    shell> tpm cert ask env

  • Displays example tungsten.ini contents 

    shell> tpm cert example ini

  • Run vi /etc/tungsten/tungsten.ini 

    shell> tpm cert vi ini

java-keystore-path=/etc/tungsten/secure/tungsten_keystore.jks
java-truststore-path=/etc/tungsten/secure/tungsten_truststore.ts
java-connector-keystore-path=/etc/tungsten/secure/tungsten_connector_keystore.jks
java-connector-truststore-path=/etc/tungsten/secure/tungsten_connector_truststore.ts

  • Generate all cert files in the BATCH envvar defined in the tungsten.env file: 

    shell> tpm cert gen batch --livetls -x

  • Display info as json all cert files in the BATCH envvar defined in the tungsten.env file: 

    shell> tpm cert info P12,JK,TS,CJ,CT

  • Display the extracted package staging directory that the software was installed from: 

    shell> tpm query staging

  • Update the software to use the new cert files in {certsdir}: 

    shell> cd {staging_dir}
shell> tools/tpm update --replace-release
Prev Up Next
9.5.2.7. tpm cert: Getting Started - Conversion to Custom-Generated Security Files Example  ^Level 9.5.2.9. Using tpm cert add
Copyright © 2025 Continuent, Ltd.1 (415) 529-4901Terms of UsePrivacy & CookiesLegal NoticeExhibits