Troubleshooting
Problem
When you try to use the tool ThirdPartyCertificateTool.bat to import a certificate signed by a Certificate Authority (CA), you receive the following error :
"PKI entry not found"
"PKI entry not found"
Symptom
When you use the GUI tool IkeyMan and follow all the steps described in this article : https://www-01.ibm.com/support/docview.wss?uid=swg22014876 , the certificate signed by the CA can be imported, but when you try to start the Cognos service, you hit this error :
[ ERROR ] The server did something wrong.
[ ERROR ] AAA-AUT-0016 The function call to 'CAMFactory.initialize' failed.
[ ERROR ] CAM-CRP-1095 Unable to find the encryption certificate with alias 'encryption' in the keystore
'D:/ibm/cognos/analytics/configuration/certs\CAMKeystore'.
[ ERROR ] AAA-AUT-0016 The function call to 'CAMFactory.initialize' failed.
[ ERROR ] CAM-CRP-1095 Unable to find the encryption certificate with alias 'encryption' in the keystore
'D:/ibm/cognos/analytics/configuration/certs\CAMKeystore'.
Cause
The Signature Algorithm used by the Certificate Authority to sign the certificate was SHA1withRSA
Environment
Microsoft Windows
Diagnosing The Problem
To check the Signature Algorithm, re-import again the signed certificate using IkeyMan and double-click on "encryption" (see attached screenshot)
Resolving The Problem
Ensure that the Certificate Authority signs the certificate with a Signature Algorithm >= SHA256WithRSA
Document Location
Worldwide
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSTSF6","label":"IBM Cognos Analytics"},"Component":"","Platform":[{"code":"PF033","label":"Windows"}],"Version":"11.1.3","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Was this topic helpful?
Document Information
Modified date:
14 October 2019
UID
ibm11087017