HCL Workload Automation, Version 9.4

Customizing the SSL connection between a master domain manager and the resource command line

Customizing the SSL connection between a master domain manager and the resource command line.

About this task

The communication between the resource command line and the master domain manager is by default in http. If you want to use https, you can use the default certificates or your certificates.

If you want to use the default certificates, run the following procedure:

Find the value you set for the port of the WebSphere Application Server of the master domain manager in the httpsPort property, by running the showHostProperties wastool. The default value is 31116.
Open the TWS/TDWB_CLI/config/CLIConfig.properties file.
Set the ITDWBServerSecurePort property to this value. For example, if you used the 31116 port, write:
```
ITDWBServerSecurePort=31116
```
Set the use_secure_connection property to true, write.
```
use_secure_connection=true
```

In this way you use the default certificates provided with the product that are stored in the following keyStore and trustStore on the agent on which you are using the resource command line:

keyStore=TWS_inst_dir/TWS/TDWB_CLI/certs/TWSClientKeyFile.jks
trustStore=TWS_inst_dir/TWS/TDWB_CLI/certs/TWSClientTrustFile.jks

If you want to use your own certificates, run the Steps from 1 to 4 and then perform the following step:

Substitute the default certificates present on the agent with the customized certificates present on the master domain manager. The master domain manager certificates are located in the <WAS_profile_path>/etc directory where the default value for <WAS_profile_path> is <TWA_home>/WAS/TWSprofile. Ensure that keyStore and trustStore properties on the agent point to the correct certificates. For example, if you stored the master domain manager in the tmp directory in the agent keyStore and trustStore, write:
```
keyStore=tmp/TWS/TDWB_CLI/certs/TWSClientKeyFile.jks
trustStore=tmp/TWS/TDWB_CLI/certs/TWSClientTrustFile.jks
```