Skip to Main Content
Digital Business Automation Ideas

This is an IBM Automation portal for Digital Business Automation products. To view all of your ideas submitted to IBM, create and manage groups of Ideas, or create an idea explicitly set to be either visible by all (public) or visible only to you and IBM (private), use the IBM Unified Ideas Portal (

Shape the future of IBM!

We invite you to shape the future of IBM, including product roadmaps, by submitting ideas that matter to you the most. Here's how it works:

Search existing ideas

Start by searching and reviewing ideas and requests to enhance a product or service. Take a look at ideas others have posted, and add a comment, vote, or subscribe to updates on them if they matter to you. If you can't find what you are looking for,

Post your ideas
  1. Post an idea.

  2. Get feedback from the IBM team and other customers to refine your idea.

  3. Follow the idea through the IBM Ideas process.

Please use the following category to raise ideas for these offerings for all environments (traditional on premises, containers, on cloud):
  • Cloud Pak for Business Automation - including Business Automation Studio and App Designer, Business Automation Insights

  • Business Automation Workflow (BAW) - including BAW, Business Process Manager, Workstream Services, Business Performance Center, Advanced Case Management

  • Content Services - FileNet Content Manager

  • Content Services - Content Manager OnDemand

  • Content Services - Daeja Virtual Viewer

  • Content Services - Navigator

  • Content Services - Content Collector for Email, Sharepoint, Files

  • Content Services - Content Collector for SAP

  • Content Services - Enterprise Records

  • Content Services - Content Manager (CM8)

  • Datacap

  • Automation Document Processing

  • Automation Decision Services (ADS)

  • Operational Decision Manager

  • Robotic Process Automation

  • Robotic Process Automation with Automation Anywhere

  • Blueworks Live

  • Business Automation Manager Open Edition

  • IBM Process Mining

Specific links you will want to bookmark for future use

Welcome to the IBM Ideas Portal ( - Use this site to find out additional information and details about the IBM Ideas process and statuses.

IBM Unified Ideas Portal ( - Use this site to view all of your ideas, create new ideas for any IBM product, or search for ideas across all of IBM. - Use this email to suggest enhancements to the Ideas process or request help from IBM for submitting your Ideas.

Status Future consideration
Created by Guest
Created on Feb 19, 2024

I would like for CP4BA routes to be able to use OpenShift platform certificates instead of requiring custom certificates with keys

In my environment, the platform team are allowed to use long duration certificates, and have configured one for the OpenShift platform certificate and AWS load balancer used by our Cloud Pak for Business Automation install. We need to use custom certificates for cpd and possibly cp_console routes, but if we use certificates generated for us by our security team we will be required to refresh these every 3 months. If instead we can use the
Creating a route using the default certificate through an Ingress object

If you create an Ingress object without specifying any TLS configuration, OpenShift Container Platform generates an insecure route. To create an Ingress object that generates a secure, edge-terminated route using the default ingress certificate, you can specify an empty TLS configuration as follows.


- The name of the route includes the name of the Ingress object followed by a random suffix.
- In order to use the default certificate, the route should not specify spec.certificate.
- The route should specify the edge termination policy.

There does not appear to be a way to do this currently for CP4BA generated routes:

Configuring TLS certificates and secrets

All IBM Automation foundation resources that configure connections (AutomationBase, AutomationUIConfig, EventProcessor) have the same configuration options for TLS. Inside a tls section within the custom resource specification.

  • Configuring TLS for AutomationUIConfig configures the certificates for Platform UI for cluster external access by pass-through route.
  • Configuring TLS for AutomationBase configures the certificates for Kafka, Elasticsearch, and Apicurio, for cluster internal access and cluster external access by pass-through routes.
  • Configuring TLS for EventProcessor configures the certificates for Flink, for cluster internal access.


Enhancement request is to allow us to use the platform certificate instead of having to configure certificates for CP4BA routes.

Idea priority Low
  • Admin
    Gyanendra Rathor
    May 20, 2024

    Thank you for submitting your idea. We recommend using a customer-configured route CA certificate and key

  • Admin
    Gyanendra Rathor
    Apr 23, 2024

    Hi Rajesh,

    Thanks for the previous clarification and In-order to ensure CP4BA trusts the route certificate, we require customers to configure the route CA certificate and key. If the OCP platform certificates are widely recognized, clients don't need to provide the OCP platform CA certificate and key to CP4BA. However, if the certificates are not widely recognized and are refreshed every 3 months, clients will still need to update the CA certificate and key provided to CP4BA when they are updated. Could you please confirm if this aligns with your requirements?

    2 replies
  • Admin
    Gyanendra Rathor
    Apr 22, 2024

    Hi Rajesh,
    Thanks for submitting the idea, Could you please specify which version of CP4BA you using and requested for support.

    1 reply