Overview

All IBM® Planning Analytics Local components can communicate with the Cognos® TM1® Admin Server by using Transport Layer Security (TLS).

Note: Though a standard Planning Analytics Local installation is configured to use TLS by relying on the certificates that are installed in the <PA_install_directory>\bin64\ssl directory, you should use your own certificates to maximize security.

The following diagram illustrates how IBM TM1 Server interacts with the components of the Data Tier, Web Tier, Rich Tier, and other Planning Analytics clients.

Overview of Transport Layer Security in Planning Analytics. Configure the TM1 Server to use custom TLS Configure the Cognos TM1 Admin Server to use custom TLS Configure the Web Tier to use custom TLS Configure Cognos TM1 Architect or Perspectives to use custom certificates Configure Cognos TM1 Performance Modeler to use custom certificates Configure Cognos Insight to use custom certificates Configure the TM1 C API to use custom certificates Authentication and session security Configure the TM1 Server and a Cognos Analytics dispatcher with SSL enabled Configure TLS for Planning Analytics Workspace Local Configure TLS between Planning Analytics Workspace Local and other servers Set up connections for TM1 REST APIs
  1. The IBM TM1 Server is configured to use Transport Layer Security (TLS) by default. When the TM1 Server registers with the Admin Server, the TM1 Server specifies whether it is using TLS or not. To replace the provided TLS certificates, see Configure the TM1 Server to use custom TLS.
  2. The TM1 Admin Server is configured to use TLS by default. To replace the provided TLS certificates, see Configure the Cognos TM1 Admin Server to use custom TLS.
  3. Configure the Web Tier to use custom TLS. For TM1RunTI configuration to TM1 Server, see Using TM1RunTI in TM1 TurboIntegrator.
  4. If you are using custom TLS certificates, see Configure Cognos TM1 Architect or Perspectives to use custom certificates.
  5. If you are using custom TLS certificates, see Configure Cognos TM1 Performance Modeler to use custom certificates.
  6. If you are using custom TLS certificates, see Configure Cognos Insight to use custom certificates.
  7. If you are using custom TLS certificates, see Configure the TM1 C API to use custom certificates.
  8. This configuration depends on the REST API client. Assuming the REST API client is using a web browser, there is no configuration required unless the default TLS certificates from the TM1 Server are used. For more information, see Authentication and session security.
  9. Configure the TM1 Server and a Cognos Analytics dispatcher with SSL enabled.
  10. Configure TLS for Planning Analytics Workspace Local.
  11. If you are using custom TLS certificates, see Configure TLS between Planning Analytics Workspace Local and other servers.
  12. For information about IBM Planning Analytics for Microsoft Excel connections, see Set up connections for TM1 REST APIs.