Troubleshooting
Problem
Custom SSL/TLS certificate has been installed on the TM1 Data Tier as described in this document:
https://www.ibm.com/support/pages/how-configure-ssl-planning-analytics-data-tier-using-gskit-new-certificate-signing-request
Since then, when running Architect or Perspectives, the list of available TM1 Servers is empty, unless the connected user is a member of the local Administrators group on Windows.
Symptom
In TM1 admin server logs you might see entry like:
26322 DEBUG 2023-02-20 11:56:04,114 TM1.Comm.SSL gsk_secure_soc_init failed. Error: 420
26322 DEBUG 2023-02-20 11:56:04,114 TM1.Comm.SSL Info: 0 returned from net_GSKAccept certificate validation result. GSK Error Code: GSK_OK.
26322 DEBUG 2023-02-20 11:56:04,115 TM1.Comm.SSL Unable to accept connection
Cause
The problem occurs at this step of the technote:
gsk8capicmd_64 -keydb -create -populate -db "C:\Program Files\ibm\cognos\tm1_64\bin64\ssl\custom.kdb" -type cms -pw changeit -stash
This command creates 4 files:
custom.kdb
custom.crl
custom.rdb
custom.sth
In the properties of the KDB, CRL, and RDB files, we can see there is some security setting that has been set:
Full control for Administrators and SYSTEM
Read and Execute for Users and "ALL APPLICATION PACKAGES", and "ALL RESTRICTED APPLICATION PACKAGES"
But for custom.sth there is just the default Read, Write, and Special Permissions for Administrators only.
This command creates 4 files:
custom.kdb
custom.crl
custom.rdb
custom.sth
In the properties of the KDB, CRL, and RDB files, we can see there is some security setting that has been set:
Full control for Administrators and SYSTEM
Read and Execute for Users and "ALL APPLICATION PACKAGES", and "ALL RESTRICTED APPLICATION PACKAGES"
But for custom.sth there is just the default Read, Write, and Special Permissions for Administrators only.
Resolving The Problem
Right-click "custom.sth", go to properties, and give Read and Execute permissions:
- to Users,
- to "ALL APPLICATION PACKAGES",
- and to "ALL RESTRICTED APPLICATION PACKAGES"
Document Location
Worldwide
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSCTEW","label":"IBM Planning Analytics Local"},"ARM Category":[{"code":"a8m50000000KzIkAAK","label":"Security"},{"code":"a8m50000000KzK7AAK","label":"Security-\u003ESSL"},{"code":"a8m0z000000blfjAAA","label":"Troubleshooting"}],"ARM Case Number":"","Platform":[{"code":"PF033","label":"Windows"}],"Version":"All Version(s)","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Was this topic helpful?
Document Information
Modified date:
02 April 2024
UID
ibm16221272