Open Cognos Configuration and edit the SSL-related parameters as described in the following table.
| Parameter |
Description |
|---|---|
| Support non-SSL clients? |
This parameter determines if the Admin Server supports non-SSL Cognos TM1 clients. Set this parameter to True to configure the Admin Server to support non-SSL clients and to listen for client connections on both secured (SSL) and unsecured ports. Set this parameter to False to configure the Admin Server to support only SSL client connections on a single secured port. |
| TM1 Admin Server certificate authority file location |
The full path and name of the Cognos TM1 Admin Server's certificate authority file. |
| Certificate file location |
The full path of the Cognos TM1 Admin Server's certificate file, which contains the public/private key pair. |
| Diffie-Hellman 512 bit key file location |
The full path name of the file that contains a pre-generated Diffie-Hellman 512 bit key. The generation of Diffie-Hellman parameters can be computationally expensive. To minimize the consumption of resources and to reduce the amount of time required to load the Cognos TM1 server, the Diffie-Hellman 512 bit key should be pre-generated and stored in a file that is called when the Admin Server starts. |
| Diffie-Hellman 1024 bit key file location |
The full path of the file that contains a pre-generated Diffie-Hellman 1024 bit key. The generation of Diffie-Hellman parameters can be computationally expensive. To minimize the consumption of resources and to reduce the amount of time required to load the Cognos TM1 server, the Diffie-Hellman 1024 bit key should be pre-generated and stored in a file that is called when the Admin Server starts. |
| TM1 Admin Server private key password file location |
The full path of the file that contains the encrypted password for the Cognos TM1 Admin Server's private key. |
| TM1 Admin Server password key file location |
The full path of the file that contains the key used to encrypt and decrypt the password for the private key. |
| Export TM1 Admin Server certificate? |
Specifies whether the Cognos TM1 Admin Server's certificate should be exported from the Windows certificate store. If this parameter is set to True, the Admin Server's certificate is exported from the Windows certificate store when the certificate is requested by the Admin Server. For details on using your own security certificates and exporting certificates from the Windows certificate store, see Using independent certificates with SSL and Cognos TM1. |
| TM1 Admin Server certificate ID |
Specifies the name of the principal to whom the Cognos TM1 Admin Server's certificate is issued to. |
| Certificate revocation file location |
The full path of the Cognos TM1 Admin Server's certificate revocation file. A certificate revocation file will only exist in the event that a certificate has been revoked. |
| TM1 Admin Server export key ID |
Specifies the identity key used to export the Admin Server's certificate from the Microsoft Windows certificate store. This parameter is required only if you choose to use the certificate store. |
TM1 Admin Server Certificate Version |
Specifies which version of the TM1 generated SSL certificates to use. By default, the 1024-bit encryption version of the TM1 generated certificates is used. Change this parameter only if you want to use the new 2048-bit encryption version of the default certificates. You can use the new version with old and new TM1 clients, but you must configure the clients to use the new certificate authority file. Note: This parameter does not
apply if you are using your own SSL certificates.
Valid
values include:
|