Welcome
HCL Workload Automation
Welcome to the HCL Workload Automation documentation, where you can find information about how to install, maintain, and use HCL Workload Automation. The documentation has been updated for HCL Workload Automation Version 10.2.5.
Administration Guide
Configuring secure communications
HCL Workload Automation ensures your business operations are always secure with robust, authenticated, and encrypted connections powered by the Secure Sockets Layer (SSL) protocol.
Managing certificates using Certman
Generate new certificates from an existing Certificate Authority (CA)

Product requirements
This section contains links to the HCL Workload Automation Product Requirements.
Detailed System Requirements for HCL Workload Automation, Version 10.2.5
Detailed System Requirements for Dynamic Workload Console, Version 10.2.5
Product Library in PDF format
This section contains links to the PDF versions of all the publications provided in Product Documentation for HCL Workload Automation.
Overview
Mobile Applications Userʼs Guide
Dynamic Workload Console User's Guide
AI Data Advisor (AIDA) User's Guide
Scheduling Job Integrations with HCL Workload Automation
HCL Workload Automation
Welcome to the HCL Workload Automation documentation, where you can find information about how to install, maintain, and use HCL Workload Automation. The documentation has been updated for HCL Workload Automation Version 10.2.5.
- Planning and Installation
- User's Guide and Reference
- Administration Guide
  - Customizing and configuring HCL Workload Automation
  - Configuring the Dynamic Workload Console
  - Configuring user authorization (Security file)
  - Configuring authentication
  - Network administration
  - Configuring secure communications
    HCL Workload Automation ensures your business operations are always secure with robust, authenticated, and encrypted connections powered by the Secure Sockets Layer (SSL) protocol.
  - Data maintenance
  - Administrative tasks
  - Administering IBM i dynamic environment
    On overview on how to administer the HCL Workload Automation IBM i dynamic environment.
  - Performance
  - Availability
  - License computation model
- Scheduling with the Agent for z/OS
- Database Views
- High Availability Cluster Environment
- Driving HCL Workload Automation
- Extending HCL Workload Automation
HCL Workload Automation for Z
Welcome to the HCL Workload Automation for Z documentation, where you can find information about how to install, maintain, and use the product. The documentation has been updated for version 10.2 Fix Pack 2.
Messages and Codes
Glossary
Notices

Generate new certificates from an existing Certificate Authority (CA)

About this task

If you need to generate new certificates from an existing Certificate Authority (CA), you can use Certman to generate the required certificates. In this case, the capath parameter is required and you need to provide the path of the existing ca.crt and ca.key files.

Procedure

Browse to the following path: <image_location>/TWS/<interp_name>/Tivoli_LWA_<interp_name>\TWS\bin
Generate the new certificates by running the following command:
```
certman generate -keypasswd <pwd> -outpath <output path> [-capath <ca path>] [-wauser <user>] [-wagroup <group>]
```
Where:

keypasswd

Specify the password to encrypt the private key.

outpath

Specify the folder where generate the certificates.

capath

Specify the path where ca.crt and ca.key files are stored.

wauser

Optionally, specify the TWS_user that must be set as owner of the output files.

wagroup

Optionally, specify the TWS_user that must be set as group of the output files..
Note: To specify an owner and group in wauser and wagroup parameters, the user who launches Certman must have the permissions to change the owner and group on output files.

Results

The following output files are the certificates you can find in the specified output folder:

tls.crt

The certificate signed and validated by the CA.
tls.key

The private key of the tls certificate.
tls.sth

The stash file of the tls certificate that contains the password encoded in Base64 format.