Troubleshooting
Problem
Encountering error 'XQE-DS-0006 Unable to logon to the data source' when creating JDBC connection to MS SQL Server 2016 when only TLS 1.2 protocol is enabled.
Resolving The Problem
1. Stop the dispatcher server.
2. Download the latest sqlserver jdbc driver 7.2 from the Microsoft website.
3. Unzip the sqljdbc_7.2.2.0_enu.tar.gz and then copy out the mssql-jdbc-7.2.2.jre8.jar jdbc(java8) driver to the dispatcher's <ca-Install>/drivers folder.
4. Remove any other older versions of the Microsoft SQL Server database driver from the drivers folder.
5. Download the unrestricted IBM jre policy files from the following website: https://public.dhe.ibm.com/ibmdl/export/pub/systems/cloud/runtimes/java/security/jce_policy/
6. Move the US_export_policy and the local_policy that reside under the <CA-Install>/jre/lib/security folder to a backup location.
7. Copy the two unrestricted policy files to the dispatcher <CA-Install>/jre/lib/security folder to replace the ones that were moved out to the backup location.
8. Launch Cognos configuration of the dispatcher server and then in Cognos configuration navigate to cryptography-> cognos -> ciphersuites and add all the sha256 ciphersuites to the right pane and save out configuration.
9. Start the application tier.
10. In Cognos portal set the following in the the query service->settings->Additional JVM arguments for the query service (Requires QueryService restart)
2. Download the latest sqlserver jdbc driver 7.2 from the Microsoft website.
3. Unzip the sqljdbc_7.2.2.0_enu.tar.gz and then copy out the mssql-jdbc-7.2.2.jre8.jar jdbc(java8) driver to the dispatcher's <ca-Install>/drivers folder.
4. Remove any other older versions of the Microsoft SQL Server database driver from the drivers folder.
5. Download the unrestricted IBM jre policy files from the following website: https://public.dhe.ibm.com/ibmdl/export/pub/systems/cloud/runtimes/java/security/jce_policy/
6. Move the US_export_policy and the local_policy that reside under the <CA-Install>/jre/lib/security folder to a backup location.
7. Copy the two unrestricted policy files to the dispatcher <CA-Install>/jre/lib/security folder to replace the ones that were moved out to the backup location.
8. Launch Cognos configuration of the dispatcher server and then in Cognos configuration navigate to cryptography-> cognos -> ciphersuites and add all the sha256 ciphersuites to the right pane and save out configuration.
9. Start the application tier.
10. In Cognos portal set the following in the the query service->settings->Additional JVM arguments for the query service (Requires QueryService restart)
-Dcom.ibm.jsse2.overrideDefaultTLS=true
11. Stop query service and wait 30 seconds before restarting the Query Service.
12. Once the query service has restarted retest the data source connection.
12. Once the query service has restarted retest the data source connection.
Document Location
Worldwide
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSTSF6","label":"IBM Cognos Analytics"},"Component":"","Platform":[{"code":"PF002","label":"AIX"}],"Version":"11.1.1","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]
Was this topic helpful?
Document Information
Modified date:
09 May 2019
UID
ibm10884092