IBM Support

How to Regenerate Cryptographic Keys

Technote (FAQ)


How can the Cryptographic Keys be regenerated?


There are several instances when the Cryptographic Keys may need to be regenerated.


According to the Administration and Security Guide:

Steps to Regenerate Cryptographic Keys
1. Stop the Cognos services.
2. On the Content Manager computer, back up the existing cryptographic keys by saving the following directories to an alternate location that is secure:

    ● c10_location/configuration/csk
    ● c10_location/configuration/encryptkeypair
    ● c10_location/configuration/signkeypair
Save the following files to an alternative location that is secure
    ● c10_location/configuration/caSerial
    ● c10_location/configuration/cogconfig.prefs
3. Open Cognos Configuration, go to the File menu and select "Export As",click yes at the prompt and save the file as backup.xml in the c10_location/configuration folder.
4. Delete the directories and files from point 2.
Clear all the contents of the c10_location/temp/ directory
5. In the c10_location/configuration folder, rename the existing cogstartup.xml to cogstartup.old
6. In the c10_location/configuration folder, rename backup.xml to cogstartup.xml.
7. Open Cognos Configuration, save the configuration and restart the services.
8. Repeat steps 1 - 7 on all computers that have Cognos components installed.

Note: The Dispatchers and Gateways do not have a caSerial file.

Refer to the Administration and Security Guide > Installation and Configuration Problems -> CAM-CRP-1315 Error when saving Configuration for your specific product version .

Document information

More support for: Cognos Business Intelligence
Install and Config

Software version: 10.1, 10.1.1, 10.2, 10.2.1

Operating system(s): AIX, HP-UX, Linux, Solaris, Windows

Reference #: 1383421

Modified date: 16 December 2009