SSL Certificate Expiry on 24-Nov-2016 Client Fix

There will be a global disruption for IBM Cognos TM1’s default SSL certificate used for client/server encrypted communications expiry which will happen on 24-Nov-2016. We are planning for a global fix which will need to take place on both the server side and client side (means every RMA’s computer).


There will be an automatic new client certificate deployment using Group Policy for all domain-joined clients reside in RMA Corporate Network. This will not cover remote clients and off-site clients which will need manual fix below.


This how-to will guide you through the fixing steps required at the client side. If your TM1 clients cannot be able to connect to the server, apply below fix steps.


1. Go to C:\Program Files (x86)\Cognos\TM1\bin\ssl folder and determine the applixca.pem file. Note if the size is 1,131 bytes and modified date is 7-Feb-2011 then it needs to be updated with the new certificate.


2. Download new certificate at


3. Replace the old applixca.pem with the newly downloaded one. Get through all the pop-up.


4. Make sure it is properly replaced by determining the file size and modified date. Now the file size should be 1,484 bytes and modified date should be 17-Jun-2016.


5. Using your TM1 client and try to connect to the server again. This time it should be able to connect to the server.


If you encounter any problem or need help, please contact our ITM Helpdesk.


Reference link :-

Article Details

Article ID:
Date added:
2016-11-22 13:07:46
Rating (Votes):

Related articles