External certificate management in Cognos Analytics
IBM® Cognos® Analytics with Watson uses certificates to establish the root of trust between its different components. The certificates from an internal (default) or external certificate authority (CA) are supported.
The ThirdPartyCertificateTool command-line tool is used to manage the certificates.
For the external certificate authority (CA), you can configure a new certificate or an existing certificate.
Minimum requirements for external CA certificates
These requirements are defined in IBM Cognos Configuration,
.Select IBM Cognos for certificates that use a digital signature with SHA-1 algorithm and an RSA key of the size <2048,
Select NIST SP 800-131A or FIPS 140-2 if all the certificates do not contain SHA-1 based digital signatures and have an RSA key of the size ≥2048.