Installing the Agent for Java EE/JMX (Tomcat)

This page guides you through the installation of an agent in an AE system in which authentication is not used. Additional installation steps are required before the agent can be started and used if you intend to use one of the available authentication methods. For more information, see Agent Authentication.

Tip! This page refers only to the manual installation process. If you want instructions on how to install a containerized Java agent, see Installing Containerized Java Agents.

This page includes the following:

Connecting to the Automation Engine

The Automation Engine and the Windows, UNIX, and Java Agents communicate using TLS/SSL. These agents establish a connection with the Java communication process (JCP), which uses trusted certificates to prove their identity to other communication partners.

Note: The TLS/SSL implementation does not apply to the HP-UX Agent, as it is no longer supported in this version.

You can use the trustedCertFolder=, agentSecurityFolder=, and keyPassword= parameters in the respective INI file to point to the relevant certificates. If the trustedCertFolder= parameter is not set, the certificates should be installed in the respective store; that is the Java trust store for Java Agents, the Windows OS store for Windows Agents, or the TLS/SSL store for UNIX Agents. For more information, see Securing Connections to the AE (TLS/SSL).

For more information about the different certificate types and for detailed instructions on how to create and use them, see What Kind of Certificates Should I Use for Automic Automation v21.

TLS/SSL Agents (in containers or on-premises) and the TLS Gateway, when used for the Automic Automation Kubernetes Edition, establish a connection to an ingress / HTTPS load balancer and not the JCP directly. The ingress / HTTPS load balancer must be reachable and requires a certificate for authentication. The address of the load balancer must be defined on both sides: the Automation Engine and the Agent / TLS Gateway.

Important! When you install or upgrade Agents manually for an Automic Automation Kubernetes Edition system, you have to make sure that you configure your Agents and/or TLS Gateway to reach the TCP or HTTPS load balancer and not the CP or JCP directly. Also, make sure that your HTTPS load balancer has the required certificates in place. For more information, see Connecting to the AAKE Cluster.

Installing the Agent for Java EE/JMX (Tomcat)

  1. On the host, set up the JMX agent.

    • Start Tomcat and call the Tomcat Web Application Manager.

    • Select the ucxjjmx.war file in the Install > load local WAR file for installation section and start the installation.

      Note: The administrators role must exist. Adjust the tomcat-users.xml file, if the role does not exist yet. Enter the role and add it to a user.

      Example

      <role rolename="administrators"/>
      <user username="admin" password="" roles="admin,manager,administrators"/>

    • Restart Tomcat to apply the roles.

    • The JMX agent is displayed in the applications section of the Web Application Manager.

  2. On the host, use the configuration WebInterface .

    • The JMX agent has a configuration web interface that can be called with a Web browser using the following address: http://Server name:port/context root. For more information, see Web Configuration Interface for the Java EE/JMX Agent.

    • Adjust the JMX agent settings to your system environment. The most important settings are:

      • Name of the agent

      • Name of the computer on which the Java communication process is available

      • Port number of the Java communication process

      Note: the configuration file will be overwritten when you deploy the WAR file again. As a result you will have to redefine your configuration settings. Instead, you can also save a copy of your configuration file (INI file) before you start the deployment and copy it to the folder that includes the web application after the deployment has taken place.

    • Use the trustedCertFolder=, agentSecurityFolder=, and keyPassword= parameters in the respective INI file to point to the relevant certificates. If the trustedCertFolder= parameter is not set, the certificates should be installed in the respective store; that is the Java trust store for Java Agents, the Windows OS store for Windows Agents, or the TLS/SSL store for UNIX Agents. For more information, see Securing Connections to the AE (TLS/SSL).

      For more information about the different certificate types and for detailed instructions on how to create and use them, see What Kind of Certificates Should I Use for Automic Automation v21.

See also: