1. Scripting Reference for Oracle Essbase
  2. MaxL
  3. Manage Essbase Using the MaxL Client
  4. Prerequisites to Set Up the MaxL Client

Prerequisites to Set Up the MaxL Client

Before you can use the MaxL Client, you will need the Essbase URL, and you may need to set up the TLS (SSL) certificate.

To run MaxL scripts or statements, you must be a power user or administrator. To prepare for using the MaxL Client,
  1. Get the URL for the Essbase instance from your Service Administrator. Its basic format is:
    https://IP-address:port/essbase
  2. Using a web browser or cURL, test that you can reach the discovery URL from the client host. A discovery URL is the URL provided by your Service Administrator, with /agent appended to the end. Here is a cURL example (for secure/TLS mode in an independent Essbase deployment):
    curl https://192.0.2.1:9001/essbase/agent --tlsv1.2

    Here is an example for a stack deployment of Essbase on OCI: 

    curl https://192.0.2.1:443/essbase/agent --tlsv1.2

    If you have connectivity, you should see a response:

    <html>
<head><title>Oracle&#x00ae; Essbase</title></head>
<body>
<H2>Oracle&#x00ae; Essbase</H2>
</body></html>
  3. Set up the SSL certificate, if applicable to your organization.
    • If you’re using one of these deployment types, a Trusted CA Signed SSL Certificate is included:

      • Oracle Analytics Cloud

      • Oracle Analytics Cloud with Identity Cloud Service (IDCS) and Load Balancing

      • Cloud at Customer with Load Balancing

    • If you’re using Oracle Analytics Cloud or Cloud at Customer with LDAP (without Load Balancing), use a self-signed certificate.
    • To check if a certificate is trusted, paste the discovery URL into a web browser. If https is green or a label says “Secure,” it is trusted. If https is red or a label says “Not secure,” it is untrusted.
    • If you're using the MaxL Client in Essbase 21c with a self-signed certificate, you will have two options (do this after you download the client):

      1. Disable peer verification by setting the environment variable API_DISABLE_PEER_VERIFICATION=1

        Linux example

        Edit startMAXL.sh, adding the following line: 

        export API_DISABLE_PEER_VERIFICATION=1

        Windows example

        Edit startMAXL.bat, adding the following line: 

        set API_DISABLE_PEER_VERIFICATION=1

      2. Import the self-signed certificate to the client trust store (cacert.pem) and set the environment variable API_CAINFO=CA <certificate file path>. The client verifies the server’s digital certificate using a provided ca-bundle certificate store. Provide the ca-bundle location by specifying the environment variable API_CAINFO=CA <certificate file path>

        Linux example

        Edit startMAXL.sh, adding the following line: 

        export API_CAINFO=/u01/cacert.pem

        Windows example

        Edit startMAXL.bat, adding the following line: 

        set API_CAINFO=c:/cacert.pem

        If you don't provide certificate file path, the Essbase Runtime Client will try to get ca-bundle from the default OpenSSL installation location (applicable for Linux and Macintosh).

        A cacert.pem is available in the MaxL Client download zip. Another sample source is: https://curl.haxx.se/docs/caextract.html.