Installing the JCP

The following steps will help you install the Java Communication Process (JCP).

The files needed for the JCP are the same as the files provided for the JWP in the same directory as all the other Automation Engine files.

Since the installation of the JWP is mandatory and the files necessary for the JCP are the same as those used to install the JWP, there is no need to unpack any files nor to carry out any other installation step.

The installation of the Java Communication Process (JCP) is also relevant for the TLS/SSL connection to the UNIX, Windows, and Java based agents, the Automic Web Interface, and the Java API. This connection is done through secure WebSockets (WSS).

The port or port range assigned for this connection is defined in the WS.PORT= parameter in the [PORTS] section of the INI file of the Automation Engine (see Automation Engine). If you have installed a JCP per host, you can use the same WSS port definition in each instance.

Notes:

  • The processes require a keystore (in PKCS12 format) to work with the corresponding certificates. Make sure you have created a keystore beforehand. For more information, see Securing Connections to the AE (TLS/SSL).

    You also have to define the following parameters in the [TLS] section of the INI file of the Automation Engine (ucsrv.ini):

    • keystore= Path and file where the keystore for the TLS/SSL certificate is stored

      Default value: ./httpsKeyfile

      This parameter is mandatory and must point to the correct target; otherwise, the process server will terminate.

    • keystorePassword= Password for the keystore file

      Default value: changeit

      If the value is not defined or is left empty, the system uses the default value.

    • keyPassword=Password for the key

      Default value: changeit

      If the value is not defined or is left empty, the system uses the default value.

    • keyAlias= Alias used for the key

      Default value: jetty

      If the value is not defined or is left empty, the system uses the default value.

    The keystorePassword and the keyPassword can be obfuscated with the UCYBCRYP Utility. For more information, see Obfuscating Passwords.

  • When the JCP is initiated, it binds to two ports:

    • The WS.PORT which is configurable in the INI file and is used by the Agents to communicate with the JCP.

    • To the port you have defined in the JCP.PORTS parameter in the [PORTS] section of the AE INI file. If there are no ports defined in this section, the JPC binds randomly to another port, which is necessary for the internal communication between WP and JCP/CP. When the JCP starts, it opens a random port and sends it internally via the database to the WPs so that WPs can reach the JCPs/CPs.

    • For more information, see Configuring Firewall and Ports.

Java Cryptography Extension (JCE)

To ensure that the TLS Gateway can handle non-TLS/SSL connections, the JCP must have the Java Cryptography Extension installed.

Important! JDK requires these policy files only if you work with Java 8. Java 9 and later versions include and use these files by default.

  1. Install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy.

    The JCE Unlimited Strength Jurisdiction Policy has to be installed on the machines where:

    • The Automic Web Interface runs.
    • The Automation Engine (JWP/JCP) runs.

    Download at Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy

    For IBM Java, you must use the policy files of IBM. The unlimited jurisdiction policy files are located in directory SDK /demo/jce/policy-files/unrestricted/. For more information, see https://www.ibm.com/support/knowledgecenter/en/SSYKE2_7.1.0/com.ibm.java.security.component.71.doc/security-component/sdkpolicyfiles.html.

    The Readme file contains the installation instructions on how to copy the .jar files to appropriate location (e.g. <java-home>\lib\security). If there are multiple Java installations on the same computer, setting up a policy file for all installations is recommended.

More information:

Starting the JCP

Use this kind of command to start the JCP process via the command line:

java -Xmx2G -jar ucsrvjp.jar -Iucsrv.ini -cp

The file ucsrvjp.jar is provided in the same directory as the other Automation Engine files. It is used exclusively to start the JWP, JCP and the REST process.

The JCP can also be started via ServiceManager.

java -Xmx2G -jar ucsrvjp.jar -Iucsrv.ini -svc%port% -cp

The -svc parameter should be omitted when starting directly via the command line.

Upgrading to the New JCP

As of this version, the communication between the Automation Engine, the Automic Web Interface, and the Proxy Client as well as between the Automation Engine, the Agents and the TLS Gateway uses TLS/SSL through a secure WebSocket (WSS). These components establish a connection with the Java communication process (JCP). For more information, see Securing Connections to the AE (TLS/SSL).

This means that upgraded components that used to connect to a communication process (CP) must connect to a Java communication process (JCP).

Important!

  • If you upgrade your system manually, make sure you check for incompatibilities and fulfill all requirements.

    More information:

  • If you use the Zero Downtime Upgrade, remember that the new JCP is only available after the connections have been switched in step four of the wizard and the primary work process (PWP) in the target version is running.

    You can start the new JCP in the Service Manager but the primary work process (PWP) of the current (base) version does not recognize it. Therefore, the new JCP is not displayed in the Automation Engine Management > Processes and Utilization page of the Administration perspective until you open it in the new (target) version.

    The same applies to the rollback process. This means you have to start the rollback in the new (target) version of the AWI and continue in the current (base) version of the AWI. For more information, see Upgrade Process.

Next step:

Installing the Online Documentation