Exploring TM1 - a Chartertech Company
Close this search box.

Configure Planning Analytics Local SSL Certificate

When you have Planning Analytics Spreadsheet Service configured to use an SSL Certificate, you need to configure Planning Analytics to use SSL certificate as well.


Before you can configure Planning Analytics Local to use SSL, you would need the following files:

  • SSL Certificate with Password (PFX Format)


  • End User Certificate
  • Intermediate Certificate
  • Root Certificate

Import SSL Certificate to Planning Analytics

Do the following step if you were only given pfx file and not the individual files of the certificate chain ( root certificate, intermediate certificate and end-user certificate).

  1. Select Microsoft Management Console (MMC) and right-click Run as Administrator.
  2. Under File select Add or Remove Snap-ins
  1. Select Certificate and click on Add>
  1. Select Computer Account.
  1. Select Local Computer and click Finish and then OK.
  1. Under Trusted Root Certificate Authorities, right-click on Certificate and click on All Task -> Import and click Next.
  1. Click on Browse… and select the location of the .pfx file (Note: Make sure to change the type to Personal Information Exchange) and then click Next.
  1. Enter the password of the pfx file and click Next.
  1. In the MMC, Under Trusted Root Certificate Authority -> Certificate select the server certificate. The default view is shown as below. Make sure the certificate is issue for the correct server.

Export Root, Intermediate and End-User Certificate from PFX File

  1. Under Trusted Root Certificate Authorities, click on the imported certificate.
  1. Go under Certificate Path, in this page you should be able to verify the certificate chain. The top is the root certificate, underneath it is the intermediate certificate and the last is the end-user certificate.
  1. Under Details, click on Copy to File… and click Next.
  1. Click on No, do not export the private key. (Note: Selecting Yes, export the private key will only allow you to export the file in pfx file)
  1. Select Browse… and browse to the directory where you want to keep you certificates.
  1. Save the end-user certificate as cacert, intermediate certificate as caint and root certificate as caroot.
  2. Repeat the same for all the other certificates.

Import SSL Certificate to Planning Analytics’ Keystore

  1. Open Command Prompt as Administrator, navigate to the <tm1 installation>/bin64
  2. Import the cacert (end-user certificate) file using the following script
gsk8capicmd_64 -cert -add -db .sslibmtm1.kdb -stashed -label cacert -file .sslcacerts.cer -format ascii -trust enable
  1. Import the caint (intermediate certificate) and caroot (root certificate) files using the same script above changing the label and the file name.
  1. Check if the import has been done successfully using the following script gsk8capicmd_64 -cert -list -db .sslibmtm1.kdb -stashed. The labels indicate during the previous steps should show on the list.

Update tms1.cfg Configuration

  1. Open tm1s.cfg and update the the file to include UseSSL=T.
  • This field is for validation purposes and should be left unchanged.

Post Sections

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Log In