Configuring Cognos TM1 clients to use SSL
- Open Cognos TM1 Architect or Cognos TM1 Perspectives, Server Explorer.
- In Server Explorer, click File > Options.
- Edit the SSL options in the Admin Server Secure Socket Layer (SSL) section.
The following table describes all SSL-related options that can be set in the TM1 Options dialog box and lists the corresponding Tm1p.ini parameters.
Option Name |
Corresponding Tm1p.ini Parameter |
Description |
---|---|---|
Certificate Authority |
AdminSvrSSLCertAuthority |
The full path of the certificate authority file that issued the Cognos TM1 Admin Server's certificate. |
Certificate Revocation List |
AdminSvrSSLCertRevList |
The full path of the certificate revocation file issued by the certificate authority that originally issued the Cognos TM1 Admin Server's certificate. A certificate revocation file will only exist in the event a certificate had been revoked. |
Certificate ID |
AdminSvrSSLCertID |
Note: The name of the principal to
whom the Cognos TM1 Admin Server's certificate is issued.
The value of this parameter should be identical to the SSLCertificateID parameter for the IBM Cognos TM1 Admin Server as set in IBM Cognos Configuration. |
Use Certificate Store |
ExportAdminSvrSSLCert |
Select this option if you want the certificate authority certificate which originally issued the Cognos TM1 Admin Server's certificate to be exported from the Microsoft Windows certificate store at runtime. Selecting this option in the Cognos TM1 Options dialog box is equivalent to setting ExportAdminSvrSSLCert=T in the Tm1p.ini file. When this option is selected, you must also set a value for Export Certificate ID in the Cognos TM1 Options dialog box. |
Export Certificate ID |
AdminSvrSSLExportKeyID |
The identity key used to export the certificate authority certificate, which originally issued the Cognos TM1 Admin Server's certificate, from the certificate store. This parameter is required only if you choose to use the certificate store by setting ExportAdminSvrSSLCert=T. |