Installing the Agent for Java EE/JMX (Application Server)

This section guides you through the installation of an agent in an AE system in which authentication is not used. Additional installation steps are required before the agent can be started and used if you intend to use one of the available authentication methods. For more information, see Agent Authentication.

The Automation Engine and the Windows, UNIX, and Java Agents communicate using TLS/SSL. These agents establish a connection with the Java communication process (JCP), which uses trusted certificates to prove their identity to other communication partners.

Important! Make sure you are familiar with the TLS/SSL and certificate implementation before installing and/or upgrading the respective component. For more information, see:

• TLS/SSL Considerations for Automic Automation

• Securing Connections to the AE (TLS/SSL)

When you used certificates signed by a CA, the certificates are stored in the respective Java or OS store by default; that is the Java trust store for Java components and Java Agents, the Windows OS store for Windows Agents, or the TLS/SSL store for UNIX Agents. In this case, you only have to check that the root certificates already are in the respective store.

If the relevant certificates are not there and you want to import them, you can use OS or Java specific tools for that purpose, such as Keytool, cert-manager, OpenSSL and such. For more information on how to use those tools, please refer to the respective product documentation.

If you do not want to use the default locations for the components and Agents listed above, make sure you use the trustedCertFolder=, agentSecurityFolder=, and keyPassword= parameters (if applicable) in the respective configuration (INI) file to define the path to the folder where the trusted certificates are stored.

You can secure the keyPassword and any other passwords in the (INI) configuration file by manually obfuscating them with the UCYBCRYP utility (the system default) or by enabling the automatic password encryption feature. For more information, see Obfuscating and Encrypting Passwords.

Important! TLS/SSL Agents (in containers and on-premises) as well as the TLS Gateway, when used for the Automic Automation Kubernetes Edition, establish a connection to a Gateway API, an ingress, or an HTTPS load balancer, which requires a certificate for external authentication.

Make sure that the address of the Gateway API, ingress, or load balancer is defined on both sides: the Automation Engine and the Agent / TLS Gateway, and that your chosen routing solution has the required external certificates in place. For more information, see Connecting to AWI, the JCP and REST Processes Using an Ingress or a Gateway API.

This Agent supports sending emails using SMTP and SMTPS. For more information, see Setting Up Email Connections.

This section includes the following pages: