Configure the Cognos® LifeCycle
Manager
Server.XML for SSL.
About this task
The Server.XML is stored in the following
location: <lcm install dir>\wlp\usr\servers\lcm\server.xml
Procedure
-
Add an SSL Configuration block and keystore to the Server.XML file:
<sslDefault sslRef="defaultSslConfig" />
<ssl id="defaultSslConfig" keyStoreRef="defaultKeyStore" clientAuthenticationSupported="true"/>
<keyStore id="defaultKeyStore" password="yourPassword" />
- Add an HTTPS port number to your httpEndpoint element:
<httpEndpoint host="*" httpPort="9305" httpsPort="9443" id="defaultHttpEndpoint"/>
- Restart the Cognos LifeCycle
Manager Server.
- Locate the keystore file. It will be located in the following location:
<lcm install dir>\wlp\usr\servers\lcm\resources\security\<keystore name>
Keystore name is key.jks.
Once you have your keystore file, you can import the ca.cer file that you
created during your Cognos Analytics
install.
- Browse to the key tool that is part of the JRE shipped with Cognos LifeCycle Manager. The JRE is found at the following
location: <lcm install dir>\jre
- Import the ca.cer to two locations:
- To the ca certs file under <lcm install
dir>\jre\lib\security\cacerts. The command to import the cert will look like:
<lcm install dir>\jre\bin\keytool -import -trustcacerts -alias myc11install -file <some file location>\ca.cer -keystore <lcm install dir>\jre\lib\security\cacerts
- Import the ca.cer file to the keystore for liberty profile using
the command:
<lcm install dir>\jre\bin\keytool -import -trustcacerts -alias myc11install -file <some file location>\ca.cer -keystore <lcm install dir>\wlp\usr\servers\lcm\resources\security\<keystore name>
-alias is used to add a description to the keystore in case
multiple certificates are used.
The default password for the JRE Keystore
is "changeit".
The password to the liberty profile key store is "yourPassword" as specified in
step 1.
Results
Cognos
LifeCycle Manager should now be able to communicate using SSL with the Cognos Analytics server that you imported the
certificate from.