There’s been a flurry of news on SSL certs topic in past 2 weeks. Main ones are:
We ran a webinar regarding the steps to do the updates, here’s a slide pack for your information. It has a link per TM1 version that might save you some reading time. See it here
An important caveat with testing the updated certs is posted on the IBM landing page :
Note that all documentation does suggest testing your certificate setup, by rolling your server time / clock past the expiry date. While this is still suggested (to ensure that all certificate changes are implemented correctly), this can be an issue depending on your security mode. Many things involving Kerberos/Windows Credentials will fail if the system time does not match the domain time. You may need to complete/confirm your testing using IntegratedSecurityMode=1
This might save you some troubleshooting time and grey hairs! Kudos to Barry for this one.
Good luck with your updates! Let the force be with us all, it’ll be a busy month ahead :)