If you are using secure sockets layer (SSL)
on your Web server, you must change the Gateway URI values
in IBM Cognos Configuration to be able to access the portal.
To enable SSL on
your Web server, you must obtain a Web server certificate signed by
a Certificate Authority (CA) and install it into your Web server.
For more information about using certificates with your Web server,
see your Web server documentation. These certificates are not provided
with IBM Cognos products.
To enable users to
access the IBM® Cognos® portal using SSL, you must change the Gateway
URI values in IBM Cognos Configuration for each computer
where the Application Tier Components and Framework Manager are installed.
Procedure
- Configure your Web server for SSL and start the Web server.
- On each computer where the Application
Tier Components or Framework Manager are installed, start IBM Cognos Configuration.
- Under Local Configuration, click Environment,
and change the Gateway URI value from http to https.
- In the Gateway URI value, change
the port number to the SSL port number defined for your Web server.
For example, the default port number for SSL connections is usually
443.
- On each computer where the Application
Tier Components or Framework Manager are installed, go to the c10_location/bin directory
and import all the certificates that make up the chain of trust, in
order starting with the root CA certificate, into the IBM Cognos trust
store.
Import the certificates by typing the following
command:
On UNIX or
LINUX, type
ThirdPartyCertificateTool.sh
-T -i -r path/certificate_fileName -D c10_location/configuration/signkeypair
-p password
On Windows, type
ThirdPartyCertificateTool.bat
-T -i -r path\certificate_fileName -D c10_location\configuration\signkeypair
-p password
Note: The
password should have already been set. If not, the default password
is NoPassWordSet.
- Save your configuration, and restart your services.
Results
When you access the portal using https://servername:443/ibmcognos,
you should be prompted to install a certificate.
To avoid being
prompted by a security alert for each new session, install the certificate
into one of your Web browser's certificate stores.