Configure IBM Cognos for SSL enabled Web servers

If you are using secure sockets layer (SSL) on your Web server, you must change the Gateway URI values in IBM Cognos Configuration to be able to access the portal.

To enable SSL on your Web server, you must obtain a Web server certificate signed by a Certificate Authority (CA) and install it into your Web server. For more information about using certificates with your Web server, see your Web server documentation. These certificates are not provided with IBM Cognos products.

To enable users to access the IBM® Cognos® portal using SSL, you must change the Gateway URI values in IBM Cognos Configuration for each computer where the Application Tier Components and Framework Manager are installed.

Procedure

  1. Configure your Web server for SSL and start the Web server.
  2. On each computer where the Application Tier Components or Framework Manager are installed, start IBM Cognos Configuration.
  3. Under Local Configuration, click Environment, and change the Gateway URI value from http to https.
  4. In the Gateway URI value, change the port number to the SSL port number defined for your Web server. For example, the default port number for SSL connections is usually 443.
  5. On each computer where the Application Tier Components or Framework Manager are installed, go to the c10_location/bin directory and import all the certificates that make up the chain of trust, in order starting with the root CA certificate, into the IBM Cognos trust store.

    Import the certificates by typing the following command:

    On UNIX or LINUX, type

    ThirdPartyCertificateTool.sh -T -i -r path/certificate_fileName -D c10_location/configuration/signkeypair -p password

    On Windows, type

    ThirdPartyCertificateTool.bat -T -i -r path\certificate_fileName -D c10_location\configuration\signkeypair -p password

    Note: The password should have already been set. If not, the default password is NoPassWordSet.

  6. Save your configuration, and restart your services.

Results

When you access the portal using https://servername:443/ibmcognos, you should be prompted to install a certificate.

To avoid being prompted by a security alert for each new session, install the certificate into one of your Web browser's certificate stores.