On-prem agent key management

1. Workato on-prem agent requires two files to connect to Workato cloud through a gateway:

• cert.key
• cert.pem

2. Download these files when you add a new agent, or from the context menu for an existing agent.

3. Place the files in the Workato agent conf directory.

The certificates remain valid for 5 years after generation date.

Renewing agent keys

When your agent keys expire, or are about to expire, follow these instructions to get a new keys:

Certificate support

Workato does not support re-generated certificates. You must create new certificates, and use them to replace the old certificates.

1

Create a new on-prem agent in the same on-prem group as the original agent.

2

Complete the steps in the Setup Now wizard for this new on-prem agent.

3

Download the new key/certificate pair (cert.zip) only.

You don't have to download the new agent installer, unless you also plan to upgrade your agent.

4

In your existing on-prem agent installation's conf folder, replace the existing cert.pem and cert.key files with the new files.

5

Run the agent.

6

Complete the setup wizard by clicking Test.

7

Ensure your new agent appears as Active.

The existing on-prem agent installation becomes the new agent.

The old on-prem agent record on the on-prem group page is no longer necessary. You can remove it.