Job and machine inserts/updates in jil are suddenly receiving the following error...

CAUAJM_E_10436 Security server unreachable or invalid authentication certificate file

The autosys_secure command also receives the following error when attempting to run it...

CAUAJM_E_60204 The instance is running under CA EEM security control but CA EEM is not available.

At the same time, EEM is accessible via the EEM UI.

There are a variety of possible root causes for this error scenario where it has been confirmed via the EEM UI that EEM is accessible but AutoSys commands are giving errors about EEM connectivity This document focuses on one root cause in particular that is rare. This error scenario can be caused by non-default /tmp directory permissions when the problem is occurring on a UNIX/Linux AutoSys server/client machine.

When the AutoSys Application Server needs to connect with EEM, there are temporary files written to /tmp to accommodate the process. If it is unable to do so, it will result in the error condition described above. Run the following test procedure to see if this is the cause...

Login to the AutoSys Application Server machine as the user that owns the AutoSys files. Make sure the AutoSys environment is sourced.
Set a variable called ASSAFETOOLPW to the password for your EIamAdmin user.
Run the following command and observe the output...

as_safetool -b <EEM_server_hostname> -a EiamAdmin -s

If the output provides a list of registered instances, but also prints errors that look like this...

ERROR: [0x04182b70] BatFile::createTmpFile: Unable to open file with filename = /tmp/spar.XHEEhfT

...then it is likely that the root cause is non-default permissions on /tmp.

Check the permissions for the /tmp directory and make sure it is writable for the user running the Application Server.