Configure the Cognos TM1 ETLDAP Utility to use TLS
Example:
keytool -keystore "C:\Program Files\IBM\cognos\tm1_64\bin64\ssl\tm1store"
-alias Applixldapca -import -file c:\temp\certificate_name.cer
In this command, substitute the name of your certificate file for certificate_name.cer.
When prompted for the keystore password, enter 'applix'.
You will receive confirmation that the certificate was added to the Cognos TM1 keystore.
When connecting to the LDAP server, you must select the SSL option. If you do not select the SSL option, the LDAP server will not be able to authenticate your user information.
When running the ETLDAP utility from a command line, you must use the following two parameters to enable TLS.
Parameter |
Description |
---|---|
-Djavax.net.sll.truststore |
Use this parameter to specify the full path to the Java™ certificate store containing the public root authority certificate. For example, to use the Java certificate store installed with TM1, use the parameter -Djavax.net.sll.truststore= C:\Program Files\IBM\cognos\tm1_64\bin\ssl\tm1store |
-Djavax.net.ssl.trustStorePassword |
Use this parameter to specify the password used to create the Java certificate store. For example, to specify the password used to create the Java certificate store installed withTM1, use the parameter -Djavax.net.ssl.trustStorePassword=applix |