How Do I configure RRDI to use HTTPS from the command line (without disabling HTTP on the report server)?
How Do I configure RRDI to use HTTPS from the command line (without disabling HTTP on the report server)?
for some reasons you may not be able to export the graphics on a linux server and are not able to user user interface for cognos configuration and ikeyman as described in the infocenter |
2 answers
Will these same steps apply for Rational Insight? I'm struggling to get the SSL enablement working for the CLM/Insight configuration. Also, can you confirm these are the steps for Tomcat, or will they work for Websphere also?
Comments yes, theses steps 1 and 2 apply to both Insight and RRDI
|
|
Matthieu Leroux (657●1●6●14)
| answered Feb 07 '14, 5:23 a.m.
JAZZ DEVELOPER edited Feb 07 '14, 5:24 a.m.
1- you first need to change the Gateway URI in Cognos configuration to use the new URL with the HTTPS protocol
you would normally do that by starting the program Cognos configuration and modify it in the Environment section. NOTE: If you intend to disable HTTP, you would need to modify more URLS in the configuration as per: http://pic.dhe.ibm.com/infocenter/clmhelp/v4r0m5/topic/com.ibm.rational.rrdi.admin.doc/topics/t_config_https.html Through the command line you would use Cognos Configuration in silent mode, to first export the current configuration to an xml file, modify the URLs in the XML and then reimport the XML to update the file cogstartup.xml: export the current configuration: cd <RRDI install Dir>/cognos/bin64 ./cogconfig.sh -e myconf.xml make your changes in myconf.xml. import the change back to the configuration: ./cogconfig.sh -s -startupfile myconf.xml 2- update the file jazzns_config.xml to use the new URL this file is located in the <RRDI install Dir>/cognos/configuration folder Restart the Report Server. 3- In the CLM applications, update the URLs to point to the Report server using HTTPS go to jts/admin go to the report section modify the custom report connection URL in the Advanced properties, modify: "Trusted URIs for client authorization and redirection" to use the new URL Do the same for QM and CCM. 4- import the report server certificate to the JTS Java keystore. access the report server through a web browser NOTE: if you are using a reverse proxy to access the Report server, use the URL that contains the reverse proxy. save the certificate to your local machine move the certificate to the JTS server you can use ikeyman as described here: http://pic.dhe.ibm.com/infocenter/clmhelp/v4r0m5/topic/com.ibm.rational.rrdi.admin.doc/topics/t_int_ssl_reportsrv_jazz.html or use keytool: keytool -import -keystore "$CLIENT_KEYSTORE" -storepass "$CLIENT_PW" \-alias "$SERVER_ALIAS" -file "$SERVER_CERTFILE" -noprompt where CLIENT_KEYSTORE=[JTSInstallDir]/server/jre/lib/security CLIENT_PW=changeit SERVER_ALIAS=reportServer SERVER_CERTFILE=location of the saved certificate on the JTS server NOTE: if you are running Tomcat as a service, ensure that you are importing in the right JRE. Restart the JTS server. |
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.