API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 7th, 2016
132
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.13 KB | None | 0 0
raw download clone embed print report
  1. 1. You need to create a new user id and Grant SSL rights to it. So this user id can connect to Aurora / MySQL only using Secured connection.
  2. GRANT USAGE ON *.* TO 'admin'@'%' REQUIRE SSL
  3. 2. Download public RDS key (.pem fie) from AWS (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Aurora.html#Aurora.Overview.Security.SSL)
  4. 3. Downloaded file contains certificates / keys for each region.
  5. 4. Split certificates from .PEM file into different .PEM files
  6. 5. Use JDK keytool command utility to import all these PEM files into a single truststore (xyz.jks) file
  7. a. keytool -import -alias xyz.jks -file abc1.pem -keystore truststore
  8. 6. Configure JNDI entry for your Aurora / MySQL instance in Pentaho Properties File "data-integrationsimple-jndijdbc.properties"
  9. a. Sample JNDI configuration
  10. -------------------------------------------------------------------------
  11. RDSSecured/type=javax.sql.DataSource
  12. RDSSecured/driver=com.mysql.jdbc.Driver
  13. RDSSecured/user=admin
  14. RDSSecured/password=password
  15. RDSSecured/url=jdbc:mysql://REPLACE_WITH_RDS_ENDPOINT_HERE:3306/DATABASE_NAME?verifyServerCertificate=true&useSSL=true&requireSSL=true
  16. -------------------------------------------------------------------------
  17. 7. Make sure you copied MySQL connector jar in "lib" directory of your pentaho installation. Use connector version 5.1.21 or higher.
  18. 8.
  19. 9. Create a copy of Spoon.bat / Spoon.sh based on your operating system E.g. Spoon_With_Secured_SSL_TO_RDS.bat or Spoon_With_Secured_SSL_TO_RDS.sh
  20. 10. Now we need to pass the truststore details to Pentaho at startup, so edit the copied script and append below mentioned arguments to OPT variable
  21. a. -Djavax.net.ssl.trustStore="FULL_PATHxyz.jks"
  22. b. -Djavax.net.ssl.trustStorePassword="YOUR_TRUSTSTORE_PASSWORD"
  23. 11. Use new script to start Spoon here after to establish the secure connection
  24. 12. Open/create your Job / Transformation
  25. 13. Go To View Tab - Database Connections and create new connection
  26. a. Connection Type: MySQL
  27. b. Access: JNDI
  28. c. JNDI Name: RDSSecured
  29. i. Same as name used in JDBC.properties file
  30. 14. Test Connection and you are ready…. :)
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!