Page History
...
- Self-signed certificates have to be deployed from individual certificate files made available for Controllers and Agents.
- There is no security gap in use of self-signed certificates. When users store certificate files to Controllers and Agents then this proves that they trust the certificates.
- CA-signed certificates usually are not deployed. Instead, the CA Certificate is deployed that was used to sign individual certificates.
- The approach includes that any signing certificate signed by the CA will be accepted for deployment of scheduling objects.
- For better control which certificates are made available for deplyoment, users might decide to use a specific Signing Intermediate CA.
Anchor | ||||
---|---|---|---|---|
|
...
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
# Step 1: Generate Signing Certificate Authority (CA) Private Key using passphrase openssl ecparam -genkey -name secp256k1 | openssl ec -aes256 -passout pass:"jobscheduler" -out signing-ca.key # Step 2: Generate Signing CA Certificate openssl req -new -x509 -sha256 -days 5475 -key signing-ca.key -passin pass:"jobscheduler" -out signing-ca.crt |
...
Overview
Content Tools