TM1 SSL Certificates Expiry Update

There’s been a flurry of news on SSL certs topic in past 2 weeks. Main ones are:

  • Automated updaters are released (yay!) for all client versions and not all server versions (nay, but not a big deal)
  • There’s a manual way to update certificates if you can’t do it automatically
  • So all is now ready for the updates, there’s nothing else to wait for :)

    We ran a webinar regarding the steps to do the updates, here’s a slide pack for your information. It has a link per TM1 version that might save you some reading time.

    Update 27/10/2016:
    An important caveat with testing the updated certs is posted on the IBM landing page :
    “Note that all documentation does suggest testing your certificate setup, by rolling your server time / clock past the expiry date. While this is still suggested (to ensure that all certificate changes are implemented correctly), this can be an issue depending on your security mode. Many things involving Kerberos/Windows Credentials will fail if the system time does not match the domain time. You may need to complete/confirm your testing using IntegratedSecurityMode=1”

    This might save you some troubleshooting time and grey hairs! Kudos to Barry for this one.

    Good luck with your updates! Let the force be with us all, it’ll be a busy month ahead :)