Bookshelf Home | Contents | Index | PDF     

Siebel Analytics Platform Installation and Configuration Guide > User Authentication Support in Siebel Analytics >

Generating a CMS Key Database File

Analytics License: All licenses.

Operating Systems: All.

This topic is part of User Authentication Support in Siebel Analytics, and a a task of the Process of Configuring LDAP and ADSI for Analytics Authentication.

The utility for generating a CMS key database is IkeyMan, located in the GSKit\bin directory.

NOTE:  Be sure that you complete the configuration of GSKit and set up the JAVA_HOME before running the key-generation command.

To generate a CMS key database file

  1. Run gsk6ikm.exe under Windows or gsk6ikm under UNIX.
  2. Enter a password.

    NOTE:  Do not check the box Stash the password to a file, because the password is entered in an LDAP object in the repository file.

    For details on generating a key database file, see the IBM Directory Server administration guide's chapter on securing the directory, in the section on using gsk6ikm.

  3. After creating the CMS key database file, store it in the Siebel Analytics Server configuration directory.

    NOTE:  This key file must be stored on all other machines used to connect to the LDAP server, such as the computer running the Server Administration Tool. Store the key file under the Siebel Analytics Server configuration directory (the directory containing NQSConfig.INI).

Generating CMS Key Database Files in GSKit 6

Releases of GSKit 6.x IKeyMan utility have certificates that expired January 6, 2004. This certificate expiration prevents IKeyMan from creating CMS key database files. If you are using GSKit 6.x, then perform one of the following procedures on the machine running IKeyMan.

Setting Back the System Clock

Before generating the CMS file, perform the following procedure to set back the system clock.

To create CMS files by setting back the system clock

  1. Turn back the system clock on the machine to a date before January 6, 2004.
  2. Run IKeyMan and create a CMS key database file.
  3. Save this key database file as a CMS file.
  4. Restore the system clock.
Creating and Converting Key Files

The following procedure first creates key files in another format, then converts them to CMS files.

To create non-CMS files without expired certificates

  1. Run IKeyMan.
  2. Create a key database file that is not of CMS type.

    For example: JKS, JCEKS and PKCS12.

  3. Delete the expired certificates.
  4. Save this key database file as a CMS file.
  
Siebel Analytics Platform Installation and Configuration Guide