Skip to main content
assistive.skiplink.to.breadcrumbs
assistive.skiplink.to.header.menu
assistive.skiplink.to.action.menu
assistive.skiplink.to.quick.search

Page History

Versions Compared

Key

This line was added.
This line was removed.
Formatting was changed.

Table of Contents

Introduction

JS7 - Encryption and Decryption offers secure handling of secrets by use of asymmetric keys.

The JOC Cockpit can be used for JS7 - Encryption - Management of Encryption Keys.

Centrally managing Certificates/Public Keys.
Providing JS7 - Job Resources that hold the related Certificate/Public Key. Such Job Resources can be assigned workflows and jobs that should decrypt secrets.

Encrypting Workflow Variables

A workflow can be assigned variables that can hold encrypted values.

To encrypt a variable uses can proceed like this from the Configuration->Inventory view:

Image Added

Explanation:

The encrypted_variable workflow variable can hold an encrypted value.
For encryption users can use the Image Added icon that invokes the following popup window:
- Image Added
- The first input field accepts the plain text value for the related variable.
- Users can select a Certificate
  - from the list of Certificate Alias names that are centrally managed, see JS7 - Encryption - Management of Encryption Keys,
  - by pasting an individual Certificate.
- Hitting the Submit button will encrypt the plain text value and will assign the variable the encrypted value that looks like this:
  - enc:BGlzj4sQ5ea0D6UdZTOP0oF0hkKN9Ca1ecMeQfi8y4cEx/rweM9MpNquU2q5lint0lY6yvoYspLhlV7rhKIAEooFh2Ohca0wBZ4InjvrAI0r0xGa/fmpxCKgfuzNHBqZdsoTVQo= OD6HmuRRmpLKPLYN5urJlw== dQH6taVBtH2jaX4+ig+5ig==
  - The enc: prefix indicates an encrypted value that holds the following parts separated by spaces:
    - encrypted symmetric key,
    - initialization vector,
    - encrypted secret.
- When selecting a Certificate, then the Use of Certificate by Agents link can be used to check which Agents are assigned the Certificate. Users should consider that the Agent assigned the job that needs to decrypt the variable's value has to be assigned the Certificate used for encryption. In addition, the Agent must have access to the matching Private Key.

Encrypting Job Variables

Job variables include Environment Variables used for Shell jobs and Arguments used for JVM jobs.

Encrypting Order Variables