Configure the TM1 Server and a Cognos Analytics dispatcher with SSL enabled

You can configure TM1® Server for CAM Authentication when using a Cognos® Analytics dispatcher with SSL enabled.

1. Add the following parameter to the tm1s.cfg file.
   CAMUseSSL=T
2. Find the root and any intermediate CA (signing) certificates for the Cognos Analytics dispatcher.
   By default this key database file is <PA_install_directory>\bin64\ssl\ibmtm1.kdb.
   1. Browse to the Cognos Analytics dispatcher URL.
      For example, https://cognosbi.ibm.com:9300/p2pd/servlet/dispatch.
   2. Using Internet Explorer, click the lock icon to the right of the URL.
   3. Click View certificates.
3. Export the certificates to a Base-64 encoded cer file.
4. Import the certificates into the key database used by the TM1 Server by running the following command from the <PA_install_directory>\bin64\ directory.

   gsk8capicmd_64 -cert -add -db .\ssl\ibmtm1.kdb -stashed -label cognosbi 
   -file .\ssl\cognosbica.cer -format ascii -trust enable 

   This command assumes that the certificates are in a file named cognosbica.cer that has already been copied into the <PA_install_directory>\bin64\ssl\ directory.
5. Restart the TM1 Server.