Self-signed certificates have to be deployed from individual certificate files made available for Controllers and Agents.
- There is no security gap in use of self-signed certificates. When users store certificate files to Controllers and Agents then this proves that they trust the certificates.
CA-signed certificates usually are not deployed. Instead, the CA Certificate is deployed that was used to sign individual certificates.
- The approach includes that any signing certificate signed by the CA will be accepted for deployment of scheduling objects.
- For better control which certificates are made available for deplyoment, users might decide to use a specific Signing Intermediate CA.

Anchor
self_signed_certificates
self_signed_certificates
Creating self-signed Certificates

...

Code Block

language	bash
title	Alternative: Create CA Certificate using passphrase
linenumbers	true

# Step 1: Generate Signing Certificate Authority (CA) Private Key using passphrase
openssl ecparam -genkey -name secp256k1 | openssl ec -aes256 -passout pass:"jobscheduler" -out signing-ca.key

 # Step 2: Generate Signing CA Certificate
openssl req -new -x509 -sha256 -days 5475 -key signing-ca.key -passin pass:"jobscheduler" -out signing-ca.crt

...

Space shortcuts

Page tree

Versions Compared

Old Version 12

New Version 13

Key

Anchor
self_signed_certificates
self_signed_certificates
Creating self-signed Certificates

Space shortcuts

Page tree

Page History

Versions Compared

Old Version 12

New Version 13

Key

Anchorself_signed_certificatesself_signed_certificatesCreating self-signed Certificates

Anchor
self_signed_certificates
self_signed_certificates
Creating self-signed Certificates