Home
HCL Workload Automation
Welcome to the HCL Workload Automation documentation, where you can find information about how to install, maintain, and use HCL Workload Automation. The documentation has been updated for HCL Workload Automation Version 9.5 Fix Pack 6.
Administration Guide
Connection security overview
Creating a Certificate Authority
How to create a CA and generate the key

HCL Workload Automation
Welcome to the HCL Workload Automation documentation, where you can find information about how to install, maintain, and use HCL Workload Automation. The documentation has been updated for HCL Workload Automation Version 9.5 Fix Pack 6.
- Fix Pack readmes
  For the latest information about a Fix Pack, see the appropriate Readme File.
- Planning and Installation
- User's Guide and Reference
- Administration Guide
  - Customizing and configuring HCL Workload Automation
  - Configuring the Dynamic Workload Console
  - Configuring user authorization (Security file)
  - Configuring authentication
  - Network administration
  - Connection security overview
    - Creating a Certificate Authority
      How to create a CA and generate the key
    - SSL connection by using the default certificates
      The SSL connection between the console and other product components is enabled by using the default certificates.
    - Customizing certificates for master domain manager and dynamic agent communication
      Supported scenarios for creating custom certificates for communication between master domain manager and dynamic agent
    - Scenario: Connection between the Dynamic Workload Console and the HCL Workload Automation components
      The Dynamic Workload Console connects in SSL mode with the HCL Workload Automation components by using the default certificates. You might configure the Dynamic Workload Console to connect in SSL mode by using your certificates.
    - Extending communication scenarios to other server components
      Apply custom certificates to backup master domain manager and dynamic domain manager
    - Scenario: SSL Communication across the fault-tolerant agent network
    - SSL command reference
      List of commands for managing certificates
  - Data maintenance
  - Administrative tasks
  - Administering IBM i dynamic environment
    On overview on how to administer the HCL Workload Automation IBM i dynamic environment.
  - Performance
  - Availability
  - License computation model
- Scheduling with the Agent for z/OS
- Database Views
- Integrating
- High Availability Cluster Environment
- Driving HCL Workload Automation
- Extending HCL Workload Automation

Creating a Certificate Authority

How to create a CA and generate the key

About this task

If you do not have a corporate CA, you can perform the sample steps listed below to create one and generate the key, by modifying the data to match your environment. You can use the openssl command located in the installation directory, as follows:

Procedure

Browse to the following path:

On Windows operating systems

inst_dir\TWS\bin\tmpopenssl

On UNIX operating systems

inst_dir/TWS/tmpOpenSSL64/1.1/bin/openssl
./openssl genrsa -out ca.key 2048
./openssl req -x509 -new -nodes -key ca.key -subj "/CN=WA_ROOT_CA" -days 3650 -out ca.crt -config ./openssl.cnf
The ca.key must remain secret, the ca.crt is involved in the procedure.
./openssl genrsa -des3 -out tls.key 2048
./openssl req -new -key tls.key -out tls.csr -config ./openssl.cnf
./openssl x509 -req -in tls.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out tls.crt
Retrieve the tls.crt and tls.key.

Have feedback?
Google Analytics is used to store comments and ratings. To provide a comment or rating for a topic, click Accept All Cookies or Allow All in Cookie Preferences in the footer of this page.