Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

What config step is missing to enable "Import Custom Report" in CCM4.0 to import RRDI reports?

I have setup a CLM2012 system. Additionally I setup on a second server a RRDI 2.0 system, following the great videos from Michal Fox.
Config:
- JTS/CCM/RM/QM on a Windows 2008-R2/64 Server with Websphere 8.0.0.3/64
- DB2 9.7.5 on a Windows 2008-R2/64 Server
- RRDI on DB Server with Websphere 8.0.0.3/64

Within RRDI (Cognos Connect) UI I'm able to login with the Jazz account of JTS and run the CLM reports, I imported from the CLM installation.

Within CCM reports menu, I'm able to "Perform Additional Reporting Tasks" (all three).

But, if I use the "Import Custom Report" within the "Reports/Browse/Shared Folder" page, I get an Error: "Unable to communicate with the Rational Reporting Server." as soon as I press the "Browse" button. According Infocenter help this should list me the reports I can import.

Similar I get if I use "Create Resource from Custom Reports" out of the "Reports/Report Resources" Menu.

I searched through many documents but did not find, what configuration step I missed during setup.

1 vote



One answer

Permanent link
I have found the solution. CLM was correctly configured. But the CLM Server where Websphere is running on, was not able to create a secure SSL connection to the Websphere on the RRDI Server. Because I'm using the selfsigned certificates between the Websphere servers, the Signer certificate of the RRDI Server was not in the keystore of the CLM Server.

Error Message in systemout.log of CLM-Websphere profile:

[8/9/12 11:47:00:527 CEST] 00000026 WSX509TrustMa E   CWPKI0022E: SSL

HANDSHAKE FAILURE:  A signer with SubjectDN "CN=GIRTC3XDB2IHS, OU=GIRTC3XDB2IHSNode01Cell, OU=RationalReportingNode01, O=IBM, C=US" was sent from target host:port "db1.devclm.company.com:9086".  The signer may need to be added to local trust store "C:/IBM/WebSphere/AppServer/profiles/AppSrv01/config/cells/GIRTC3XWASRTCNode01Cell/nodes/GIRTC3XWASRTCNode01/trust.p12"

 located in SSL configuration alias "NodeDefaultSSLSettings" loaded from SSL configuration file "security.xml".  The extended error message from the SSL handshake exception is: "PKIX path building failed:

java.security.cert.CertPathBuilderException: PKIXCertPathBuilderImpl could not build a valid CertPath.; internal cause is:

             java.security.cert.CertPathValidatorException: The certificate issued by CN=GIRTC3XDB2IHS, OU=Root Certificate, OU=GIRTC3XDB2IHSNode01Cell, OU=RationalReportingNode01, O=IBM, C=US is not trusted; internal cause is:

             java.security.cert.CertPathValidatorException: Certificate chaining error".


CWPKI0428I: The signer might need to be added to the local trust store. You can use the Retrieve from port option in the administrative console to retrieve the certificate and resolve the problem. If you determine that the request is trusted, complete the following steps:

Solution:
1. Log into the administrative console.
2. Expand Security and click SSL certificate and key management. Under Configuration settings, click Manage endpoint security configurations.
3. Select the appropriate outbound configuration to get to the (cell):GIRTC3XWASRTCNode01Cell:(node):GIRTC3XWASRTCNode01 management scope.
4. Under Related Items, click Key stores and certificates and click the NodeDefaultTrustStore key store.
5. Under Additional Properties, click Signer certificates and  Retrieve From Port.
6. In the Host field, enter db1.devclm.company.com in the host name field, enter 9086 in the Port field, and db1.devclm.company.com_cert in the Alias field.
7. Click Retrieve Signer Information.
8. Verify that the certificate information is for a certificate that you can trust.
9. Click Apply and Save.

2 votes

Comments

I did all necessary steps, but I am getting the same message again:

Unable to communicate with the Rational Reporting Server."

This is a new message in systemout.log:

[07.11.12. 14:06:36:880 CET] 00000026 HttpMethodDir I org.apache.commons.httpclient.HttpMethodDirector executeWithRetry I/O exception (java.net.ConnectException) caught when processing request: Connection timed out: connect
[07.11.12. 14:06:36:880 CET] 00000026 HttpMethodDir I org.apache.commons.httpclient.HttpMethodDirector executeWithRetry Retrying request

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 2,353
× 403

Question asked: Aug 05 '12, 7:14 a.m.

Question was seen: 7,352 times

Last updated: Apr 23 '13, 4:41 a.m.

Confirmation Cancel Confirm