diff --git a/.github/lychee.toml b/.github/lychee.toml
new file mode 100644
index 0000000000..d256ce025a
--- /dev/null
+++ b/.github/lychee.toml
@@ -0,0 +1,12 @@
+# This lychee configuration tries to find dead links in zwe, pswi, and smpe files which may be displayed to the user.
+#   This does not focus on dead links for internal-facing documentation, e.g. README.md.
+
+# We're including language sources as well as document files since the language sources embed URLs
+#  which can be displayed to the user, e.g. 'zwe' shell script commands displaying help information.
+
+exclude_path = ['smpe/bld/service/_README_sample_sysmod_builds.docx']
+# This exclude list covers known urls which should be ignored, including ones which contained 
+#  templated values in typescript. The templates are covered by a wildcard.
+exclude = [ 'https://www.eclipse.org/legal/epl-v20.html', 'https://zowe.org/schemas/*', 'https://www.zowe.org/schemas/*', 'https://discovery', 'https://github.com/zowe/launcher/blob/*', 'https://myregistry/url$', 'https://your-zos-host-name/zosmf/*{1,60}', '^http://service.software.ibm.com/holdata/390holddata.html',  ]
+
+hidden = true
diff --git a/.github/workflows/link-check-weekly.yml b/.github/workflows/link-check-weekly.yml
deleted file mode 100644
index 21a91b5417..0000000000
--- a/.github/workflows/link-check-weekly.yml
+++ /dev/null
@@ -1,25 +0,0 @@
-permissions: read-all
-
-name: Check Markdown Links - Weekly
-
-on:
-  push:
-    branches:
-    - 'v3.x/master'
-    - 'v3.x/staging'
-    - 'v2.x/master'
-    - 'v2.x/staging'
-    - 'v1.x/master'
-    - 'v1.x/staging'
-  schedule:
-  # Every day @ 4 AM
-  - cron: "0 4 * * *"
-
-jobs:
-  markdown-link-check:
-    runs-on: ubuntu-latest
-
-    steps:
-    - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
-
-    - uses: gaurav-nelson/github-action-markdown-link-check@d53a906aa6b22b8979d33bc86170567e619495ec # v1.0.15
diff --git a/.github/workflows/link-check.yml b/.github/workflows/link-check.yml
new file mode 100644
index 0000000000..d11b069c7a
--- /dev/null
+++ b/.github/workflows/link-check.yml
@@ -0,0 +1,49 @@
+# This link checker focuses on covering end-user facing links, not developer documentation.
+#   This means we cover the smp/e, pswi, and zwe content.
+# The lychee toml files are set to ignore links which popped up in comments or variables.
+permissions: read-all
+
+name: Link Check CI
+
+on:
+  pull_request:
+    types: [opened, synchronize]
+  push:
+    branches:
+    - 'v3.x/staging'
+    - 'v2.x/staging'
+  workflow_dispatch:
+
+jobs:
+  lychee-link-check:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
+    - name: Link Checker
+      id: lychee
+      uses: lycheeverse/lychee-action@f81112d0d2814ded911bd23e3beaa9dda9093915 # v2.1.0
+      with:
+        fail: true
+        format: json
+        output: lychee_output.json
+        args: --config ./.github/lychee.toml --no-progress --verbose --max-retries 10 'bin/**/*' 'smpe/**/*' 'workflows/**/*'
+
+    - name: Output failed links in console
+      id: quick-output
+      if: always()
+      run: |
+        if [[ -f "lychee_output.json" ]]; then
+          jq .fail_map lychee_output.json
+        else
+          echo "lychee command failed and didn't produce output"
+        fi
+
+    - name: Publish Output
+      id: publish
+      if: always()
+      uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882
+      with: 
+        name: lychee_results.json
+        path: lychee_output.json
diff --git a/workflows/files/ZWELOADC.xml b/workflows/files/ZWELOADC.xml
index c823b2b813..786e28fb37 100644
--- a/workflows/files/ZWELOADC.xml
+++ b/workflows/files/ZWELOADC.xml
@@ -192,7 +192,7 @@
             <![CDATA[
 	<p>Use this step to define the variables for RACF.</p>
 	<p>For more information about security system setup and it's variables, please open via right-click in new tab or window and refer to security documentation here
-	<a href="https://techdocs.broadcom.com/us/en/ca-mainframe-software/traditional-management/mainframe-common-maintenance-procedures/1-0/configure-ca-smp-e-internet-service-retrieval/configure-ibm-racf-security.html">configure RACF security certificates</a>
+	<a href="a href="https://techdocs.broadcom.com/us/en/ca-mainframe-software/traditional-management/mainframe-common-maintenance-procedures/1-0/configure-ca-smp-e-internet-service-retrieval/obtain-the-certificates-for-ca-smp-e-internet-service-retrieval/configure-ibm-racf-security.html">configure RACF security certificates</a>
     or there <a href="https://www.ibm.com/docs/en/zos/2.2.0?topic=syntax-racdcert-add-add-certificate">RACDCERT ADD (Add certificate) command</a>.</p>
 	]]></instructions>
             <weight>1</weight>
@@ -252,7 +252,7 @@
             <instructions substitution="false"><![CDATA[
 	<p>Use this step to define the variables for ACF2.</p>
 	<p>For more information about security system setup and it's variables, please open via right-click in new tab or window and refer to security documentation 
-	<a href="https://techdocs.broadcom.com/us/en/ca-mainframe-software/security/ca-acf2-for-z-os/16-0/administrating/digital-certificate-support/process-digital-certificates-with-ca-acf2.html#concept.dita_742faf19321a7e7286b7e3f9b1c1a66acb9562f7_INSERTSubcommand">configure ACF2 security certificates</a>.</p>
+	<a href="https://techdocs.broadcom.com/us/en/ca-mainframe-software/security/ca-acf2-for-z-os/16-0/administrating/digital-certificate-support/process-digital-certificates-with-acf2/insert-certificates.html">configure ACF2 security certificates</a>.</p>
 	]]></instructions>
             <weight>1</weight>
             <skills>Security Administrator</skills>
@@ -367,7 +367,7 @@
             <instructions substitution="true"><![CDATA[
 	<p>This step will load signed client authentication certificate from the ${instance-output_dataset} into ESM</p>
 	<p>For more information about security system setup and it's variables, please open via right-click in new tab or window and refer to security documentation here
-	<a href="https://techdocs.broadcom.com/us/en/ca-mainframe-software/traditional-management/mainframe-common-maintenance-procedures/1-0/configure-ca-smp-e-internet-service-retrieval/configure-ibm-racf-security.html">configure RACF security certificates</a> <br/>
+	<a href="a href="https://techdocs.broadcom.com/us/en/ca-mainframe-software/traditional-management/mainframe-common-maintenance-procedures/1-0/configure-ca-smp-e-internet-service-retrieval/obtain-the-certificates-for-ca-smp-e-internet-service-retrieval/configure-ibm-racf-security.html">configure RACF security certificates</a> <br/>
     or there <a href="https://www.ibm.com/docs/en/zos/2.2.0?topic=syntax-racdcert-add-add-certificate">RACDCERT ADD (Add certificate) command</a>.</p>
 	]]></instructions>
             <weight>1</weight>
@@ -452,7 +452,7 @@ DCDSN(${instance-output_dataset}) TRUST
             <instructions substitution="true"><![CDATA[
 	<p>This step will load signed client authentication certificate from the ${instance-output_dataset} into ESM</p>
 	<p>For more information about security system setup and it's variables, please open via right-click in new tab or window and refer to security documentation 
-	<a href="https://techdocs.broadcom.com/us/en/ca-mainframe-software/security/ca-acf2-for-z-os/16-0/administrating/digital-certificate-support/process-digital-certificates-with-ca-acf2.html#concept.dita_742faf19321a7e7286b7e3f9b1c1a66acb9562f7_INSERTSubcommand">configure ACF2 security certificates</a>.</p>
+	<a href="https://techdocs.broadcom.com/us/en/ca-mainframe-software/security/ca-acf2-for-z-os/16-0/administrating/digital-certificate-support/process-digital-certificates-with-acf2/insert-certificates.html">configure ACF2 security certificates</a>.</p>
 	]]></instructions>
             <weight>1</weight>
             <skills>Security Administrator</skills>