Product requirements
This section contains links to the IBM® Workload Scheduler Download Documents, System Requirements, and Release Notes.
Fix Pack readmes
For the latest information about a Fix Pack, see the appropriate Readme File.
Product Library in PDF format
This section contains links to the PDF versions of all the publications provided in IBM Documentation for IBM Workload Automation.
Considerations for GDPR readiness
Overview
Mobile Applications Userʼs Guide
Dynamic Workload Console User's Guide
AI Data Advisor (AIDA) User's Guide
Scheduling Job Integrations with IBM Workload Automation
IBM® Workload Scheduler
Welcome to the IBM® Workload Scheduler documentation, where you can find information about how to install, maintain, and use IBM Workload Scheduler. The documentation has been updated for IBM Workload Scheduler Version 10.1 Fix Pack 6.
IBM® Z Workload Scheduler
Welcome to the IBM® Z Workload Scheduler documentation, where you can find information about how to install, maintain, and use the product.
- Memo to Users
- Program Directory
- Dynamic Workload Console Readmes
  For the latest information about a Dynamic Workload Console fix pack, see the appropriate Readme File.
- Planning and Installation
- Customization and Tuning
- Managing the Workload
  You can plan when and how your workload runs and manage it as part of a plan.
- Scheduling End-to-end with z-centric Capabilities
- Scheduling End-to-end with Fault Tolerance Capabilities
  - About this publication
  - Overview
    An overview of end-to-end scheduling with fault tolerance capabilities.
  - Installing
  - Customizing
    - Defining centralized and non-centralized scripts
      A job can use two kinds of scripts, centralized or non-centralized. A centralized script is a script that resides in IBM Z Workload Scheduler and that is downloaded to the fault-tolerant workstation every time the job is submitted.
    - Setting the security features
      - Setting strong authentication and encryption
        Key SSL concepts
        To authenticate a peer identity, the SSL protocol uses X.509 certificates called digital certificates. Digital certificates are electronic ID cards that are issued by trusted parties and enable a user to verify both the sender and the recipient of the certificate through the use of public-key cryptography.
        SSL connection for communication across the network
        IBM Workload Scheduler provides a secure, authenticated, and encrypted connection mechanism for communication across the network topology. This mechanism is based on the Secure Sockets Layer (SSL) protocol and uses the OpenSSL Toolkit, which is automatically installed with IBM Workload Scheduler.
        Enabling SSL authentication on IBM Z Workload Scheduler server
        Creating private keys, certificates, and a Trusted Certification Authority Chain
        Configuring the IBM Z Workload Scheduler SSL attributes
        Configuring SSL local options
        Configuring the SSL attributes for IBM Workload Scheduler workstations
        Configuring TLS to connect with IBM Z Workload Scheduler
        Enabling FIPS compliance over IBM Z Workload Scheduler server SSL secured connection
      - Setting for work across firewalls
        Prior to IBM Z Workload Scheduler version 8.2, running the commands to start or stop a workstation or to get the standard list, required opening a direct TCP/IP connection between the originator and the destination nodes. In a firewall environment, this forces users to break the firewall to open a direct communication path between the master and each fault-tolerant agent in the network.
    - Tuning global and local options in distributed network
    - Tuning network timeouts
      Network issues that make the connection to specific agents too slow can impact the performance of overall scheduling. IBM Workload Scheduler provides network timeout settings that you can tune to avoid problems with specific agents that affect the entire system.
    - Selecting end-to-end server messages
  - Managing end-to-end scheduling
  - Changing the topology of the network
- Quick Reference
- Diagnosis Guide and Reference
- Workload Automation Programming Language for z/OS User's Guide and Reference
- Driving IBM Z Workload Scheduler
Messages and Codes
Glossary
Installing IBM® Workload Scheduler
How to monitor your IBM® Workload Scheduler using the Dynamic Workload Console
How to create your scheduling environment using the Dynamic Workload Console
Notices

Creating private keys, certificates, and a Trusted Certification Authority Chain

About this task

Use the GskKyman command line utility of z/OS® Cryptographic Services System SSL to accomplish the following tasks:

Create the keystore database on the IBM Z Workload Scheduler master. This database contains the private key and trusted certificates. Because this keystore database contains a private key, it should be protected. It can be saved under any directory that allows read access to the tws user such as WRKDIR/ssl/TWS.kdb, where WRKDIR is the directory specified in the WRKDIR keyword in the TOPOLOGY statement
Store the Keystore database password in a file. This password will be encrypted and saved in a file that should be stored in any directory that allows read access to the tws user, such as WRKDIR/ssl/TWS.sth

After these steps, the administrator can start to:

Create public-private key pairs
Create certificate requests
Store signed certificates in the database (the WRKDIR/Security directory)
Create self-signed certificates
Add or remove Certification Authority from the trust list

For details, see z/OS® Cryptographic Services Secure Socket Layer Programming, SC24-5901.