Page History
...
- Encryption and decryption can be performed directly by related jobs.Encryption and decryption can be performed jobs or outside of JS7 products.
- This includes that JS7 products have no knowledge of secret keys secrets involved that potentially could be compromised by logging, database persistence etc.
...
The following step is performed on the server hosting the Agent that should decrypt variables using . The example makes use of the openssl
utility from the command line: command line utility that can be installed for Windows. There are alternative ways how to create private/public key pairs.
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
# navigate to the Agent's <agent-data>/config/private directory cd /var/sos-berlin.com/js7/agent/config/private # create the private key in pkcs#1 format # without passphrase # openssl ecparam -name secp256k1 -genkey -noout -out agent.key # with passphrase openssl ecparam -genkey -name secp256k1 | openssl ec -aes256 -passout pass:"jobscheduler" -out agent.key # create certificate openssl req -new -x509 -key agent.key -passin pass:"jobscheduler" -out agent.crt -days 1825 # extract public key from private key openssl ec -in agent.key -passin pass:"jobscheduler" -pubout > agent.pub |
...
The script writes output to the stdout channel that JS7_ENCRYPT_VALUE
environment variable. Output includes the following items separated by spaces:
...
Overview
Content Tools