Importing the CA certificate for the Java Runtime Environment of Cognos Analytics

Use the Keytool command to import the Certificate Authority (CA) certificate that issued the certificates for IBM OpenPages® with Watson™ into the Java™ JRE environment on each reporting server.

Before you begin

On each reporting server, $JAVA_HOME/bin must be set in the PATH system environment variable. To verify that Java is in the PATH variable, run the following command:

java -version

If you get the following error, Java is not in the PATH variable:

Command not
found

Procedure

Log on to each Cognos® Analytics server as a user with administrative privileges.
Open a shell or command prompt. If you are using Windows, open the command prompt as an administrator.
Type the following Keytool command to import the OpenPages root certificate into the cacerts keystore.
```
keytool -importcert -alias <certificate_name> -trustcacerts -file <file_name> -keystore <keystore_name>
```
For example, the following Keytool command imports the rootca certificate from the trustedcafilename.cer file into the cacerts keystore file:
```
keytool -importcert -alias rootca -trustcacerts -file trustedcafilename.cer -keystore cacerts
```
Enter the password for the keystore.

The default password is changeit.
Enter Yes to trust the certificate.

What to do next

If you are using self-signed certificates for OpenPages that are not issued by a known CA, you must import the self-signed root certificate from any OpenPages server connected to the current Cognos server. Use the following Java keytool command to import the certificates into the keystore.

keytool -importcert -alias <certificate_name> -trustcacerts -file <file_name>
  -keystore <keystore_name>