Installing the Agent for Java EE/JMX (IBM WebSphere) with SOAP Connector

This page guides you through the installation of an agent in an AE system in which authentication is not used. Additional installation steps are required before the agent can be started and used if you intend to use one of the available authentication methods. For more information, see Agent Authentication.

Tip! This page refers only to the manual installation process. If you want instructions on how to install a containerized Java agent, see Installing Containerized Java Agents.

Note: This installation guide applies to WebSphere version 6.0 with activated administrative security.

This page includes the following:

Connecting to the Automation Engine

The Automation Engine and the Windows, UNIX, and Java Agents communicate using TLS/SSL. These agents establish a connection with the Java communication process (JCP), which uses trusted certificates to prove their identity to other communication partners.

Important! Make sure you are familiar with the TLS/SSL and certificate implementation before installing and/or upgrading the respective component. For more information, see:

When you used certificates signed by a CA, the certificates are stored in the respective Java or OS store by default; that is the Java trust store for Java components and Java Agents, the Windows OS store for Windows Agents, or the TLS/SSL store for UNIX Agents. In this case, you only have to check that the root certificates already are in the respective store.

If you do not want to use the default locations for the components and Agents listed above, make sure you use the trustedCertFolder=, agentSecurityFolder=, and keyPassword= parameters (if applicable) in the respective configuration (INI) file to define the path to the folder where the trusted certificates are stored.

Important! TLS/SSL Agents (in containers and on-premises) as well as the TLS Gateway, when used for the Automic Automation Kubernetes Edition, establish a connection to an ingress / HTTPS load balancer, which requires a certificate for authentication.

Make sure that address of the load balancer is defined on both sides: the Automation Engine and the Agent / TLS Gateway and that your HTTPS load balancer has the required certificates in place. For more information, see Connecting to AWI, the JCP and REST Processes Using an Ingress.

Installing the Agent for Java EE/JMX (IBM WebSphere) with SOAP Connector

On the host, set up the Agent.
- On the WebSphere interface, select the Applications > Install New Application
- Specify the path to ucxjjmx.war in Local File System. You can use Context root can be used to name the application.
- Optionally, use the next window to activate the option Generate standard connections and define other settings.
- Follow the installation procedure as described. In step 4, select the option Everyone? next to administrators.
- When all six steps are complete, complete the installation procedure by clicking Finish. Refer to the log to verify that the installation was successful.
- Select Store in master configuration and click Save.
- Select Applications > Enterprise Applications. The list now includes the agent.
- The agent can be started via the configuration WebInterface.
On the host, configure the INI file.
- Search for the ucxjjmx.ini file in the WebSphere folder and open it to append the new [WEBSPHERE] section using the following parameters:
  
  [WEBSPHERE]
  javax.net.ssl.trustStore=C:\DummyClientTrustFile.jks
  javax.net.ssl.keyStore=C:\DummyClientKeyFile.jks
- Adjust the values for the javax.* properties according to your environment.
- When you used certificates signed by a CA, the certificates are stored in the respective Java or OS store by default. In this case, you only have to check that the root certificates already are in the respective store.
  
  If you do not want to use the default location for this component, make sure you use the trustedCertFolder=, agentSecurityFolder=, and keyPassword= parameters (if applicable) in the respective configuration (INI) file to define the path to the folder where the trusted certificates are stored.
  
  For more information, see Securing Connections to the AE (TLS/SSL).
- Store and close the INI file.
This installation step is optional as of Websphere version 7 optional. Note when you skip this step that you must enter the value "webshere soap" in the Initial Context Factory field in the JMX tab of the Job object. For more information, see JMX Jobs.
On the host, start the agent application via the WebSphere console.
On the host, use the configuration WebInterface .
- The JMX agent has a configuration web interface that can be called with a Web browser using the following address: http://Server name:port/context root. For more information, see Web Configuration Interface for the Java EE/JMX Agent.
- Adjust the JMX agent settings to your system environment. The most important settings are:
  - Name of the agent
  - Name of the computer on which the Java communication process is available
  - Port number of the Java communication process
  Note: the configuration file will be overwritten when you deploy the WAR file again. As a result you will have to redefine your configuration settings. Instead, you can also save a copy of your configuration file (INI file) before you start the deployment and copy it to the folder that includes the web application after the deployment has taken place.
- When you used certificates signed by a CA, the certificates are stored in the respective Java or OS store by default. In this case, you only have to check that the root certificates already are in the respective store.
  
  If you do not want to use the default location for this component, make sure you use the trustedCertFolder=, agentSecurityFolder=, and keyPassword= parameters (if applicable) in the respective configuration (INI) file to define the path to the folder where the trusted certificates are stored.
  
  For more information, see Securing Connections to the AE (TLS/SSL).
- Start the agent.
- Click the link View log files and select the most current log file (it has the number "00"). The [WEBSPHERE] section must be included in the log file.
On the host, before creating jobs, consider the following issues:
- Select Remote Java VM in the Job object's JMX tab
- Enter the term websphere in the field Initial Context Factory
- Specify the WebLogic Server for the server URL using the Host name of the WebSphere:SOAP Port format
- Retrieve the port number. To do so, log on to the administrator console and select Servers > Applications servers. Select the name of your server and select Transmittals > Ports. The table contains the entry BOOTSTRAP_ADDRESS. Use the port number shown in the URL.
  
  The SOAP default port is 8880.
- Enter three passwords separated by commas in the job's Login object:
  - The 1st password is the user password.
  - The 2nd password is the keystore password.
  - The 3rd password is the truststore password.