You can enable secure sockets layer (SSL) protocol for communications between IBM®
Cognos® Analytics with Watson and
Microsoft SQL Server databases.
The databases that can be configured are the Content Manager,
Notification, Mobile, Human Task and
Annotation Services, and Logging databases.
For more information about configuring SQL Server for SSL, see the documentation for your version
of Microsoft SQL Server.
Note: Microsoft SQL server uses different driver JAR file names, such as
sqljdbc4.jar, sqljdbc41.jar, and
sqljdbc42.jar. Officially, sqljdbc42.jar supports JRE8,
which is the version that is used by IBM
Cognos Analytics with Watson.
Before you begin
Ensure that you enable SSL on your database server before you perform the steps in IBM
Cognos Configuration.
Procedure
-
Obtain the root Certificate Authority (CA) certificate that issued your SQL Server certificate,
and copy the CA certificate to the computer where Cognos
Analytics
is installed, to a location that's easy to access. For example, if the certificate name is
sqlcert.cer, the location can be c:\sqlcert.cer.
Then, from a command line tool, run the following command:
C:\Progra~1\ibm\cognos\analytics\ibm-jre\jre\bin\keytool
-import -trustcacerts -file "c:\sqlcert.cer"
-keystore C:\Progra~1\ibm\cognos\analytics\ibm-jre\jre\lib\security\cacerts
-alias SQLCert
Note: The example uses the default Cognos
Analytics
installation location.
-
Edit the install_location\bin64\cogconfig.bat (Windows)
or install_location\bin64\cogconfig.sh (Linux, UNIX) file by
adding the following line after the line
set J_OPTS=%DD_OPTS% %J_OPTS%
:
Windows:
set J_OPTS="-Dcom.ibm.jsse2.overrideDefaultTLS=true" %J_OPTS%
Linux, UNIX:
JAVA_OPTS=$JAVA_OPTS -Dcom.ibm.jsse2.overrideDefaultTLS=true
- Start IBM
Cognos Configuration by double-clicking the
cogconfig file that you modified in step 3.
- Under Data Access, click the database name that you want to
configure. For example, to configure the content store database, under Content
Manager, click the database name.
Other databases that can be configured are Notification,
Mobile, Human Task and Annotation Services, and
Logging.
Tip: To configure the Logging database, go to
.
- In the properties pane, click the SSL Encryption Enabled property,
and set its value to True.
- Test the connection, and save your configuration.
- Start IBM
Cognos Analytics with Watson. The
full server name in SQL Server Configuration Manager must match the name in the certificate. For
example, mycomputer.canlab.ibm.com, and not
localhost.