Add certificates to the JRE keystore
The IBM® Cognos® TM1® Operations Console requires a certificate in the Java™ Runtime Environment (JRE) keystore.
Procedure
- Run the Java keytool command
to import the certificate into the keystore.
- Open a command prompt and change to the following directory:
location \bin\jre\7.0\bin
where location is the file directory where Cognos TM1 is installed.
CAUTION:On 64-bit computers, be sure to add the certificates to the bin64 folder. - Run the following command line. For formatting purposes
the command is shown here with line breaks but you should enter the
command all on one line.
keytool -import -file "C:\location\bin\ssl\applixca.pem" -keystore "C:\location\bin\jre\7.0\lib\security\cacerts" -storepass "changeit"
For 64-bit installations, target the 64-bit folder when dealing with the certificates. For example, this sample command targets the 64-bit jre:
cd C:\Program Files\ibm\cognos\TM1_64\bin64\jre\7.0\bin
The following command is an example used on 64-bit systems. For formatting purposes this command is shown with line breaks but you should enter the command all on one line.
keytool -import -file "C:\Program Files\ibm\cognos\TM1_64\bin64\ ssl\tm1ca_v2.pem" -keystore "C:\Program Files\ibm\cognos\TM1_64\bin64\ jre\7.0\lib\security\cacerts" -storepass "changeit"
If you do not correctly target the 64-bit locations for certificates when running a 64-bit installation, you receive a warning message indicating that you cannot contact the servers.
- Enter yes when prompted to trust or add the certificate.
- Open a command prompt and change to the following directory:
- You may need to restart Apache Tomcat to have the change
take effect. Remember: Re-add certificates any time you re-install Cognos TM1 .