Product:
Cognos Controller Web 10.4.2
Microsoft Windows 2016 server
Issue:
When change Controller Web configuration, user can not login to Controller web. You get a error in the log file that it does not work. There could be error like this:
[ERROR ] CWPKI0033E: The keystore located at d:/Program Files/ibm/cognos/ccr_64/fcmweb/wlp/usr/servers/fcm.web/resources/security/key.jks did not load because of the following error: Keystore was tampered with, or password was incorrect…
Check log file D:\Program Files\ibm\cognos\ccr_64\fcmweb\wlp\usr\servers\fcm.web\logs\messages.log
Check log file D:\Program Files\ibm\cognos\ccr_64\frontend\logs\fcmwebui-stderr.2022-09-13.log
Server ip written in backend-url.js!
Express server listening on port 9080
error from web proxy: { Error: connect ECONNREFUSED 192.168.1.71:3443
at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1097:14)
errno: ‘ECONNREFUSED’,
code: ‘ECONNREFUSED’,
syscall: ‘connect’,
Solution:
Check that you use the same password for your PFX file you import certificate from as you use for the key.jks file you created for the Controller Web setup.
Update the file config.js in folder D:\Program Files\ibm\cognos\ccr_64\frontend to correct password
…..
},
“secure”: false //set this to false when you use custom certificates for Controller Web
}
}],
…..
“ssl”: {
// certificates
“key”: fs.readFileSync(__dirname+”/keyfile.key”), //__dirname points to ccr_64\frontend
“cert”: fs.readFileSync(__dirname+”/cert.crt”),
“passphrase”:”TheNewPasswordHere”
}…..
Update the file server.xml in folder D:\Program Files\ibm\cognos\ccr_64\fcmweb\wlp\usr\servers\fcm.web to correct password
….
</webApplication>
<keyStore id=”defaultKeyStore” password=”TheNewPasswordHere” sslProtocol=”SSL_TLS” />
</server>…..
Save the changes and restart all 3 IBM Cognos Controller Web services.
Wait at least 20 minutes for it to load fully, before you test.
More information:
https://www.ibm.com/support/pages/node/883036
https://www.ibm.com/support/pages/how-configure-controller-web-use-ssl-https