Changes in this topic | Description |
---|---|
Updated in version 9.13 | Prerequisites and components added to integrate CyberArk with Connect ETL |
Before you begin:
The CyberArk's Central Credential Provider (CCP) needs to be installed. Once installed, Connect ETL uses REST APIs to retrieve the password.
Connect connects to CyberArk Enterprise Password Vault over a TLS-secured HTTPS connection and requires access to an up-to-date TLS client certificate. If the CyberArk server secures the Connect connection with a self-signed certificate, update connect_install/CACertificates/cacert.pem with the public certificate at the same time you update or install the client certificate, where connect_install is Connect install directory.
For Connect jobs run in a Hadoop cluster, update the client certificate and cacert.pem on the edge node only. Connect distributes TLS configurations, keys, and certificates to the cluster nodes.
If a client certificate file is out-of-date, Connect issues an HTTPSCVF error when it attempts to connect to the CyberArk server.