search cancel

How to set up AES encrypted communication between CA WA ESP Edition and the CA WA System Agent

book

Article ID: 42147

calendar_today

Updated On:

Products

ESP Workload Automation

Issue/Introduction

 

Summary:

AES encrypted communication between the CA WA ESP master subsystem, and the CA WA System Agent can be set up in 5 simple steps. 

 

Background:  

AES encryption is a more secure encryption than the standard DES encryption.

 

Environment:  

CA Workload Automation ESP Edition r11.4

 

Instructions: 

Follow these steps to enable AES encryption:


1) From the ESP pagemode,  enter the command below to create and store the key in the secure repository.

    Example: CRYPTKEY DEFINE KEYNAME(monkey1) KEY(X'0102030405060708091A1B1C1D1E1F01') AES

2) In the agenthome directory, issue the "keygen" command with the same key as above to create the key for the server.  

    Example: keygen 0x0102030405060708091A1B1C1D1E1F01 AES

Notes on keygen:

a) Typically, encryption keys take only a few seconds to generate. However, on Linux Intel based platforms, it can take up to several minutes or even longer on a virtual machine.  The resulting key is valid, and the delay does not affect performance.

b) By default the key is stored in the "cryptkey.txt" file in the agenthome directory. 

3) Bounce the agent. 
   
4) Add the agent and the key name to the AGENTDEF member in the ESP init parmlib.  
    Example: AGENT AGENTU_SFTP ADDRESS(10.130.226.51) PORT(7521) UNIX ASCII TCPIP -
           PREFIXING ENCRYPT KEY(MONKEY1)                               

5) Execute the ESP pagemode "LOADAGDF" command to refresh the updated AGENTDEF member. 

    Example: OPER LOADAGDF 'hlq.esp.PARMLIB(AGENTDEF)'

 

Additional Information:

Additional information on the CRYPTKEY and LOADAGDF commands can be found in the CA Workload Automation ESP Command Reference manual.

Information on the "keygen" utility can by found on the Wiki for the System Agent.

 



Environment

Release: ENCWLA00200-11.4-Workload Automation-Restart Option-EE
Component:

Resolution

Please Update This Required Field