...

  • Options
    • --keystore
      • Specifies the path to a PKCS12 keystore file that should be created. The keystore holds the private key and server certificate for HTTPS connections to JS7 products.
      • Users are free to specify any file name, typically the name https-keystore.p12 is used.
      • Further settings in JS7 configuration files such as the keystore location and password have to be considered.
    • --truststore
      • Specifies the path to a PKCS12 truststore file that should be created. The truststore holds the certificate(s) for HTTPS connections from JS7 products.
      • Users are free to specify any file name, typically the name https-truststore.p12 is used.
      • Further settings in JS7 configuration files such as the truststore location and password have to be considered.
    • --key
      • Specifies the path to the file that holds the private key that should be added to the keystore.
      • This argument is required should a keystore be created, see --keystore.
    • --cert
      • Specifies the path to the file that holds the server/client authentication certificate that should be added to the keystore.
      • This argument is required should a keystore be created, see --keystore.
    • --alias
      • Specifies the alias name of the entry in the keystore that holds the private key and certificate.
      • This argument is required should a keystore be created, see --keystore.
    • --password
      • Specifies the password that protects the keystore and truststore.
      • Passwords for certificate stores are not intended to improve security but to prevent users from shooting themselves in the foot. For a keystore the password protects read and write access; for a truststore the password protects write access.
      • This argument is required should a keystore or truststore be created, see --keystore, --truststore.
    • --ca-cert
      • Specifies the path to a CA Certificate Bundle file that holds the Intermediate CA Certificate(s) and Root CA Certificate in the indicated sequence.
      • This argument is required should a keystore be created and the --chain switch be used. In addition this argument is required should a truststore be created and no Root CA Certificate be specified, see --ca-root.
    • --ca-root
      • Specifies the path to a Root CA Certificate file.
      • This argument is required if no CA Certificate Bundle file is specified, see --ca-cert, and should a keystore be created with the --chain argument. In addition this argument is required should a truststore be created using the --truststore option and no CA Certificate Bundle file is specified, see --ca-cert option.
    • --ca-intermediate
      • Specifies the path to one or more Intermediate CA Certificate files.
      • If more than one file is specified then file names have to be separated by comma, for example --ca-intermediate="./certs/intermediate-ca-1.crt,./certs/intermediate-ca-2.crt".
      • This argument is required if no CA Certificate Bundle file is specified, see --ca-cert, and should a keystore be created using the --chain switch.
    • --backup-dir
      • If a backup directory is specified then an existing keystore and truststore will be added to a .tar.gz file in this directory.
      • File names are created according to the pattern: backup_js7_<keystore|truststore>.<hostname>.<yyyy>-<MM>-<dd>T<hh>-<mm>-<ss>.tar.gz
      • For example: backup_js7_keystore.centostest_primary.2022-03-19T20-50-45.tar.gz
    • --log-dir
      • If a log directory is specified then the installer script logs information about processing steps to a log file in this directory.
      • File names are created like this: certificate_store_js7.<hostname>.<yyyy>-<MM>-<dd>T<hh>-<mm>-<ss>.log
      • For example: certificate_store_js7.centostest_primary.2022-03-19T20-50-45.log
  • Switches
    • -h | --help
      • Displays usage.
    • --chain
      • Adds the certificate chain to the keystore if the --keystore option is used. In most situations this is not required as the certificate chain is made available with the truststore. The certificate chain will be created from the CA Certificate Bundle file, see --ca-cert, or from individual CA Certificates, see --ca-root, --ca-intermediate.
    • --show-logs
      • Displays the log output created by the script.
    • --make-dirs
      • If directories are missing that are indicated with the --keystore, --truststore, --backup-dir or --log-dir options then they will be created.
  • Exit Codes
    • 1: argument errors, OpenSSL errors
    • 2: this exit code is returned in case of keystore/truststore verification errors.
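
The following added example is not part of the JS7 script or its documentation. It uses plain OpenSSL to check the inputs named by --key, --cert and --ca-root, builds a PKCS12 keystore with an alias and chain as --alias and --chain describe, and reads it back with the password. It assumes openssl is on the PATH; the function names, the alias js7-demo, the password and the throwaway PKI are constructed for illustration.

```shell
#!/bin/sh
# Added example, not the JS7 script. PKI, alias and password are constructed.

# Create a throwaway root CA and a server key/certificate signed by it.
make_test_pki() {  # usage: make_test_pki DIR
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=Example Root CA" \
    -keyout "$1/root-ca.key" -out "$1/root-ca.crt" 2>/dev/null &&
  openssl req -newkey rsa:2048 -nodes -subj "/CN=server.example.test" \
    -keyout "$1/server.key" -out "$1/server.csr" 2>/dev/null &&
  openssl x509 -req -in "$1/server.csr" -CA "$1/root-ca.crt" -CAkey "$1/root-ca.key" \
    -CAcreateserial -days 1 -out "$1/server.crt" 2>/dev/null
}

# Pre-flight for the key, certificate and CA files: the private key must belong
# to the certificate, and the certificate must verify against the CA file.
preflight() {  # usage: preflight KEY CERT CA_FILE
  key_pub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
  cert_pub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1
  [ "$key_pub" = "$cert_pub" ] || { echo "key does not match certificate" >&2; return 1; }
  openssl verify -CAfile "$3" "$2" >/dev/null 2>&1 ||
    { echo "certificate does not chain to CA" >&2; return 1; }
}

# Build a PKCS12 keystore holding key, certificate and CA chain under an alias.
# The password is handed to openssl through the environment, not through argv.
make_keystore() {  # usage: make_keystore P12 KEY CERT CA_FILE ALIAS PASSWORD
  KS_PASS=$6 openssl pkcs12 -export -out "$1" -inkey "$2" -in "$3" -certfile "$4" \
    -name "$5" -passout env:KS_PASS
}

# Read the keystore back: prints the number of certificates it holds and
# fails if the password is wrong or the alias is not present.
inspect_keystore() {  # usage: inspect_keystore P12 ALIAS PASSWORD
  dump=$(KS_PASS=$3 openssl pkcs12 -in "$1" -nokeys -passin env:KS_PASS 2>/dev/null) || return 2
  printf '%s\n' "$dump" | grep -qF "friendlyName: $2" || return 2
  printf '%s\n' "$dump" | grep -c 'BEGIN CERTIFICATE'
}

# Demo run in a scratch directory that is removed afterwards.
demo() {
  d=$(mktemp -d) || return 1
  make_test_pki "$d" && preflight "$d/server.key" "$d/server.crt" "$d/root-ca.crt" &&
  make_keystore "$d/ks.p12" "$d/server.key" "$d/server.crt" "$d/root-ca.crt" js7-demo 'constructed-pw' &&
  echo "certificates in keystore: $(inspect_keystore "$d/ks.p12" js7-demo 'constructed-pw')"
  rc=$?; rm -rf "$d"; return $rc
}
demo
```

Reading the keystore with a wrong password fails, which is the read protection the --password option describes for keystores.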

...