How Can I Set a Specific Public Certificate for High-Volume Agent Connectors?

Question

How can I set a specific public certificate for High-Volume Agent (HVA) connectors?

Environment

High-Volume Agent (HVA) connectors

Answer

Pause HVA connectors

Pause all HVA connectors using the agent host. Alternatively, go to each connector page in Fivetran, then set the ENABLED toggle to OFF.

Stop the Agent Listener service

Stop the Agent Listener service by following the instructions below based on your operating system.

HVA on Linux

If you configured the agent using the agentListener.service command, stop the service.

sudo systemctl stop agentListener.service

If you configured the agent to run as a daemon process, stop the service using the hvragentlistener command.

hvragentlistener -k <agent_port_number>

HVA on Unix

If you configured the agent using inetd, stop the inetd service (refer to the OS instructions).

NOTE: If you are on Solaris and used Service Management Facility (SMF), run the following command to refresh the service:

svcadm refresh inetd

If you configured the agent to run as a daemon process, stop the service using the hvragentlistener command.

hvragentlistener -k <agent_port_number>

HVA on Windows

Refer to Microsoft Windows' documentation for steps to configure services.

Set the public certificate

To set the public certificate, execute the following commands using the HVA host's command line interface (CLI):

1. Enable setup mode:

   hvragentconfig Setup_Mode_Timed_Until=now+1h
   

2. Add your public certificate and private key:

   hvragentconfig Agent_Server_Public_Certificate=@<new_public_certifiate_path> Agent_Server_Private_Key=@<new_private_key_path> Agent_Server_Private_Key_Password=<new private key password>
   

3. Disable setup mode:

   hvragentconfig Setup_Mode_Timed_Until=
   

4. Extract the public certificate used by the agent:

   hvragentconfig Agent_Server_Public_Certificate
   

Start the Agent Listener service

Start the Agent Listener service again by following the instructions below based on your operating system.

HVA on Linux

If you configured the agent using the agentListener.service command, start the service.

sudo systemctl start agentListener.service

If you configured the agent to run as a daemon process, start the service using the hvragentlistener command.

hvragentlistener -d <agent_port_number>

HVA on Unix

If you configured the agent using inetd, reload the inetd service to apply the changes (refer to the OS instructions).

If you configured the agent to run as a daemon process, start the service using the hvragentlistener command.

hvragentlistener -d <agent_port_number>

HVA on Windows

Refer to Microsoft Windows' documentation for steps to configure services.

Update the connector's public certificate

It's only possible to update the public certificate for one connector at a time. To update each connector's public certificate, do the following:

1. In Fivetran, go to the applicable HVA connector page.
2. Select the Setup tab.
3. Click Edit connection.
4. Enter the new public certificate in the Agent Public Cert field.
5. Click Save & Test.
6. Set the ENABLED toggle to ON.