What config step is missing to enable "Import Custom Report" in CCM4.0 to import RRDI reports?
Config:
- JTS/CCM/RM/QM on a Windows 2008-R2/64 Server with Websphere 8.0.0.3/64
- DB2 9.7.5 on a Windows 2008-R2/64 Server
- RRDI on DB Server with Websphere 8.0.0.3/64
Within RRDI (Cognos Connect) UI I'm able to login with the Jazz account of JTS and run the CLM reports, I imported from the CLM installation.
Within CCM reports menu, I'm able to "Perform Additional Reporting Tasks" (all three).
But, if I use the "Import Custom Report" within the "Reports/Browse/Shared Folder" page, I get an Error: "Unable to communicate with the Rational Reporting Server." as soon as I press the "Browse" button. According Infocenter help this should list me the reports I can import.
Similar I get if I use "Create Resource from Custom Reports" out of the "Reports/Report Resources" Menu.
I searched through many documents but did not find, what configuration step I missed during setup.
One answer
Error Message in systemout.log of CLM-Websphere profile:
[8/9/12 11:47:00:527 CEST] 00000026 WSX509TrustMa E CWPKI0022E: SSL
HANDSHAKE FAILURE: A signer with SubjectDN "CN=GIRTC3XDB2IHS, OU=GIRTC3XDB2IHSNode01Cell, OU=RationalReportingNode01, O=IBM, C=US" was sent from target host:port "db1.devclm.company.com:9086". The signer may need to be added to local trust store "C:/IBM/WebSphere/AppServer/profiles/AppSrv01/config/cells/GIRTC3XWASRTCNode01Cell/nodes/GIRTC3XWASRTCNode01/trust.p12"
located in SSL configuration alias "NodeDefaultSSLSettings" loaded from SSL configuration file "security.xml". The extended error message from the SSL handshake exception is: "PKIX path building failed:
java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:
java.security.cert.CertPathValidatorException: The certificate issued by CN=GIRTC3XDB2IHS, OU=Root Certificate, OU=GIRTC3XDB2IHSNode01Cell, OU=RationalReportingNode01, O=IBM, C=US is not trusted; internal cause is:
java.security.cert.CertPathValidatorException: Certificate chaining error".
CWPKI0428I: The signer might need to be added to the local trust store. You can use the Retrieve from port option in the administrative console to retrieve the certificate and resolve the problem. If you determine that the request is trusted, complete the following steps:
Solution:
1. Log into the administrative console.
2. Expand Security and click SSL certificate and key management. Under Configuration settings, click Manage endpoint security configurations.
3. Select the appropriate outbound configuration to get to the (cell):GIRTC3XWASRTCNode01Cell:(node):GIRTC3XWASRTCNode01 management scope.
4. Under Related Items, click Key stores and certificates and click the NodeDefaultTrustStore key store.
5. Under Additional Properties, click Signer certificates and Retrieve From Port.
6. In the Host field, enter db1.devclm.company.com in the host name field, enter 9086 in the Port field, and db1.devclm.company.com_cert in the Alias field.
7. Click Retrieve Signer Information.
8. Verify that the certificate information is for a certificate that you can trust.
9. Click Apply and Save.
Comments
I did all necessary steps, but I am getting the same message again:
Unable to communicate with the Rational Reporting Server."
This is a new message in systemout.log:
[07.11.12. 14:06:36:880 CET] 00000026 HttpMethodDir I org.apache.commons.httpclient.HttpMethodDirector executeWithRetry I/O exception (java.net.ConnectException) caught when processing request: Connection timed out: connect
[07.11.12. 14:06:36:880 CET] 00000026 HttpMethodDir I org.apache.commons.httpclient.HttpMethodDirector executeWithRetry Retrying request