To secure the communication, the server must be able to identify and authorize the agents. For this purpose, the Automation Engine automatically generates a public/private key pair and a self-signed certificate upon first startup.

However, you can use your own certificate authority. If you do so, make sure that the following extensions are set in your certificate.

Link to the documentation.

Automic Workload Automation 21.0.X, 24.X

How-To.

• Provide a Common Name (CN) - This is AE internal only so it does not need to be the server name of any AE node.

• Click on Add Extensions

• Click on the green + symbol

• Add a Basic Constraints

• Check Subject is a CA

• Add a Subject Key Identifier (SKI)

• Click the key symbol

• Click OK, OK, both extensions were added

• Click OK, OK
• Enter  an Alias

• Click OK and enter the key pair entry password

• Export the private key

• Remove the Encrypt checkbox

• Export the public key

• Export the certificate chain

• Copy these three files to the ../AutomationEngine/bin/ae-cert-management folder. The folder can also point to another directory and be specified in the variable UC_AGENT_TLS_SETTINGS
• Create the variable UC_AGENT_TLS_SETTINGS in client 0 (folder DIV_VARIABLES) and provide the keys and values

• Other values can be provided as needed, a full list can be found here.