Cognos ReportNetTM Installation and Configuration Guide

20.07.2014 Views
Chapter 7: Advanced Configuration Options Command Information flags Description -d DN to use for certificate -r CSR or certificate file location (depends on mode) -t certificate authority certificate file (only with -i) -p Key Store password (must be provided) -a Key pair algorithm. RSA or DSA. Default: RSA The following sample values are used: Property Signing certificate DN Value CN=SignCert,O=MyCompany,C=CA Encryption certificate DN CN=EncryptCert,O=MyCompany,C= CA Key store password password Steps 1. Go to the crn_location/bin directory. 2. Create the signing certificate request by typing the following command: • On UNIX, type: ThirdPartyCertificateTool.sh -c -s -d "CN=SignCert,O=MyCompany,C=CA" -r signRequest.csr -k ../configuration/signkeypair/jSignKeystore -p password • On Windows, type: ThirdPartyCertificateTool.bat c -s -d "CN=SignCert,O=MyCompany,C=CA" -r signRequest.csr -k ../configuration/signkeypair/jSignKeystore -p password Important: You must type jSignKeystore as the name of the signing key store. Tip: UNIX filenames are case-sensitive and must be entered exactly as shown. 3. Create the encryption certificate request by typing the following command: • On UNIX, type: ThirdPartyCertificateTool.sh -c -e -d "CN=EncryptCert,O=MyCompany,C=CA" -r encryptRequest.csr -k ../configuration/encryptkeypair/jEncKeystore -p password • On Windows, type: ThirdPartyCertificateTool.bat -c -e -d "CN=EncryptCert,O=MyCompany,C=CA" -r encryptRequest.csr -k ../configuration/encryptkeypair/jEncKeystore -p password Important: You must type jEncKeystore as the name of the encryption key store. 4. Input the certificate signing request (CSR) files into the third party certificate authority. For more information, see your third-party CA documentation. The certificate authority produces a signing certificate and an encryption certificate. 5. Copy the contents of the CA certificate into ca.cer 6. Copy the contents of the signing certificate into signCertificate.cer. 7. Copy the contents of the encryption certificate into encryptCertificate.cer 8. Copy ca.cer, signCertificate.cer, and encryptCertificate.cer to crn_location\bin. These files must be Base-64 encoded X.509 format. 88 Cognos ReportNet TM

Chapter 7: Advanced Configuration Options 9. Import the signing certificate by typing the following command: • On UNIX, type: ThirdPartyCertificateTool.sh -i -s -r signCertificate.cer -k ../configuration/signkeypair/jSignKeystore -p password -t ca.cer • On Windows, type: ThirdPartyCertificateTool.bat-i -s -r signCertificate.cer -k ../configuration/signkeypair/jSignKeystore -p password -t ca.cer Important: You must type jSignKeystore as the name of the signing key store. 10. Import the encryption certificate by typing the following command: • On UNIX, type: ThirdPartyCertificateTool.sh -i -e -r encryptCertificate.cer -k ../configuration/encryptkeypair/jEncKeystore -p password -t ca.cer • On Windows, type: ThirdPartyCertificateTool.bat -i -e -r encryptCertificate.cer -k ../configuration/encryptkeypair/jEncKeystore -p password -t ca.cer Important: You must type jEncKeystore as the name of the encryption key store. 11. Import the CA certificate by typing the following command: • On UNIX, type: ThirdPartyCertificateTool.sh -T -i -r ca.cer -k ../configuration/signkeypair/jCAKeystore -p password • On Windows, type: ThirdPartyCertificateTool.bat -T -i -r ca.cer -k ../configuration/signkeypair/jCAKeystore -p password Important: You must type jCAKeystore as the name of the certificate authority key store. Now, you must use your third-party certificate authority configuration tool to add the ReportNet keys and certificate signing requests to your certificate authority. For more information, see your third-party certificate authority documentation. Configure ReportNet to use a Third-Party Certificate Authority You must configure each ReportNet computer to use an external certificate authority by setting the appropriate property in Cognos Configuration. By setting this property, ReportNet assumes that all required keys have been generated and vetted by the external certificate authority. Ensure that the key store locations and password in Cognos Configuration match the ones you typed in the command-line tool. Steps 1. Start Cognos Configuration 2. In the Explorer window, under Security, Cryptography, click Cognos. 3. In the Properties window, under Certificate Authority settings property group, click the Value box next to the Use third party CA property and then click True. Note: When you set this property to true, all properties for the certificate authority and identity name are ignored 4. Configure the following properties to match the ones you typed in the command line utility: • Signing key store location • Signing key store password • Encryption key store location • Encryption key store password • Certificate Authority key store password 5. From the File menu, click Save. 6. If you want to start the ReportNet service, from the Actions menu, click Start. Installation and Configuration Guide 89

Page 1 and 2: COGNOS (R) ENTERPRISE BUSINESS INTE

Page 3 and 4: Table of Contents Introduction 7 Ad

Page 5 and 6: Chapter 10: Uninstalling Cognos Rep

Page 7 and 8: Introduction This document is avail

Page 9 and 10: Additional Materials In this guide,

Page 11 and 12: Chapter 1: ReportNet Before impleme

Page 13 and 14: Chapter 1: ReportNet Installing Rep

Page 15 and 16: Chapter 1: ReportNet Framework Mana

Page 17 and 18: Chapter 2: Installing ReportNet on








Page 33 and 34: Chapter 4: Configuring ReportNet Af

Page 35 and 36: Chapter 4: Configuring ReportNet St

Page 37 and 38: Chapter 4: Configuring ReportNet 3.

Page 39 and 40: Chapter 4: Configuring ReportNet Co

Page 41 and 42: Chapter 4: Configuring ReportNet Wh

Page 43 and 44: Chapter 4: Configuring ReportNet Th






Page 55 and 56: Chapter 4: Configuring ReportNet Ad

Page 57 and 58: Chapter 4: Configuring ReportNet Ex

Page 59 and 60: Chapter 4: Configuring ReportNet Sp


Page 63 and 64: Chapter 5: Installing Framework Man

Page 65 and 66: Chapter 5: Installing Framework Man

Page 67 and 68: Chapter 6: Configuring Framework Ma





Page 77 and 78: Chapter 7: Advanced Configuration O





Page 87: Chapter 7: Advanced Configuration O

Page 91 and 92: Chapter 8: Setting Up the Samples Y

Page 93 and 94: Chapter 8: Setting Up the Samples 7

Page 95 and 96: Chapter 8: Setting Up the Samples S

Page 97 and 98: Chapter 9: Setting Up an Unattended

Page 99 and 100: Chapter 9: Setting Up an Unattended

Page 101 and 102: Chapter 10: Uninstalling Cognos Rep

Page 103 and 104: Appendix A: Manually Configuring Re

Page 105 and 106: Appendix A: Manually Configuring Re

Page 107 and 108: Appendix B: Troubleshooting Use thi

Page 109 and 110: Appendix B: Troubleshooting Unable

Page 111 and 112: Appendix B: Troubleshooting For Con

Page 113 and 114: Appendix B: Troubleshooting 2. If y

Page 115 and 116: Appendix B: Troubleshooting Databas

Page 117 and 118: Appendix C: Database Schema for Log

Page 119 and 120: Appendix D: Database Clean Up Scrip

Page 121 and 122: Glossary anonymous access A method

Page 123 and 124: Glossary In Framework Manager, name

Page 125 and 126: Index A adding resources, 103 AIX e

Page 127 and 128: Index Framework Manager components,

Page 129 and 130: Index server administration logging

reportnet

configuration

content

cognos

server

database

configure

installation

framework

install

reportnettm

sharepoint.cabq.gov

Cognos ReportNetTM Installation and Configuration Guide

Cognos ReportNetTM Installation and Configuration Guide ... View more Cognos ReportNetTM Installation and Configuration Guide

Delete template?

Save as template ?

Cognos ReportNetTM Installation and Configuration Guide Cognos ReportNetTM Installation and Configuration Guide