Page History
...
- Security Level Low
- Inventory objects are automatically signed with the private key that is stored with the "root" account.
- Signing is automatically applied when performing the "Deploy" operation.
- Security Level Medium
- Inventory objects are automatically signed with the private key that is stored with the current user's account.
- Signing is automatically applied when performing the "Deploy" operation.
- Security Level High
- Inventory objects are signed outside of the JOC Cockpit:
- Inventory objects are exported using the "Export" operation that offers the option "for signing".
- The export archive is transferred to a secure device, e.g. to a secure desktop machine.
- The export archive is extracted and each inventory object file included is individually signed.
- There is no pre-requisite about the tools used for signing,
- For example, the OpenSSL command line utility can be used and tools such as OpenPGP Kleopatra can be used.
- The signing step includes the creation of a signature file with the same name and the extension
.ascfor each inventory file.
- The signed inventory files and signature files are added to the same or to a new archive file.
- The archive file that includes signatures for inventory objects is imported to JOC Cockpit. The deployment step is performed inline with the import step.
- Inventory objects are signed outside of the JOC Cockpit:
For creation of certificates for digital signing see JS7 - How to create X.509 Signing Certificates.
Versioning of Objects
The following deployable objects are versioned:
...
Overview
Content Tools