CAUAJM_E_60199 Unable to generate the EEM certificate
search cancel

CAUAJM_E_60199 Unable to generate the EEM certificate


Article ID: 4155


Updated On:


CA Workload Automation AE - Business Agents (AutoSys) CA Workload Automation AE - Scheduler (AutoSys) Workload Automation Agent


This knowledge article is subject to the DISCLAIMER provided at the bottom.


autosys_secure isn't working when try to regenerate the certificate 
we receive get the following errors:

$ autosys_secure 
[2] Set CA EEM server location and regenerate certificate. 

CAUAJM_E_10443 Security server unreachable or invalid credentials. 
CAUAJM_E_10434 Error initiating security session. 
CAUAJM_E_10437 Detailed Error Information:

[EE_NOEIAMNODES No SafeNodes Defined] 
[Authenticate Error: Backend Server Not Set]


CAUAJM_E_60199 Unable to generate to EEM certificate....



CA Workload Automation AE r11.3 SP1 on Oracle Linux


Perform the following steps to regenerate an EEM certificate:


1. Run the following queries on your AutoSys database:

delete ujo_keymaster where hostid='SECURITY';
update aedbadmin.ujo_alamode set int_val=0 where type = 'JOB'; 
update aedbadmin.ujo_alamode set int_val=0 where type = 'EVT'; 
delete from aedbadmin.ujo_alamode where type = 'SEC'; 

2. Then restart the application server. Make sure you can get into 

3. Set your Edit/Exec Superusers.

4. Confirm the WorkloadAutomationAE application for this $AUTOSERV 
is already registered in EEM. If it is not then do the following:

SET ASSAFETOOLPW=<eiamadminpassword>

5. Enter the following command:

as_safetool -b EEM_server_host_name -s

A list of CA Workload Automation AE instances that are already registered 
with the CA EEM server appear.

6. Enter the following command for the instance that should be added to 
that list: 

as_safetool -b EEM_server_host_name -i $AUTOSERV

7. Then confirm it is registered in EEM. Remove the $AUTOUSER/*.p12 file.

8. Use autosys_secure to put Autosys into EEM mode and allow it to generate 
the p12 file.


DISCLAIMER: The procedure documented herein bypasses the WAAE external security (Embedded Entitlements Manager a.k.a EEM) and hence all security authorization policies setup in EEM for the WAAE instance in question will NOT be available until external security is reactivated. Ensure the WAAE Application server(s) and Scheduler(s) are stopped before carrying out this procedure so that no unauthorized actions (autorep, sendevent, etc) are processed whilst the WAAE instance security is being reset.