Cognos 8 Report Studio -- key store certificate

If you need to validate that a certificate has been added to the Key store after executing the ThirdPartyCertificateTool command, then you could perform the following steps for validation:


1. From the command line you would type:
ThirdPartyCertificateTool.bat -i -s -r signCertificate.cer -k ../configuration/signkeypair/jSignKeystore -p -t ca.cer

If you were successful then you should see a message similar to -- "CAM-CRP-1254 Could not store the third party certificate in the keystore because a certificate already exists for that keypair."

2. From the command line you would then need to type the following command to then validate the certificate was added into encryptkeypair key store:
ThirdPartyCertificateTool.bat -i -e -r encryptCertificate.cer -k ../configuration/encryptkeypair/jEncKeystore -p -t ca.cer

You should then see the following message:
"CAM-CRP-1254 Could not store the third party certificate in the keystore because a certificate already exists for that keypair."

3. Issue the following command to load the certificate into the signkeypair key store if it was not loaded by previous commands:
ThirdPartyCertificateTool.bat -T -i -r ca.cer -k ../configuration/signkeypair/jCAKeystore -p

The following message should come up:
"Loaded CA certificate: 'EmailAddress=certificatemail@domain.com, CN=, OU=, O=, L=, ST=, C='.Stored CA certificate(s)."

If you do not get this message please verify that files are located where they are require. i.e. The ca.cer file must be located in the Cognos install path/bin directory.

Note: After adding a certificate the jCAKeystore file will increase its size for about 900-1000 bytes.