Page History
...
JS7 - Deployment of Scheduling Objects makes use of Signing Certificates to digitally sign workflows and other objects. Signing Certificates are deployed to Controllers and Agents. Use of certificates for signing is not related to use of certificates to secure HTTPS connections, see JS7 - How to create X.509 SSL TLS Certificates.
...
Anchor | ||||
---|---|---|---|---|
|
Users chose this approach if they intend to authorize specific users to deploy scheduling objects:
- The approach is managable if the number of Controller and Agent instances that receive the certificate is within acceptable limits.
- Consider certificate renewal that includes to update the certificate file on related Controller and Agent instances.
- Consider certificate revocation that includes to remove the certificate file from related Controller and Agent instances.
- The approach allows fine-grained control, but comes at a price of having to manage deployment of user certificates individually.
Anchor | ||||
---|---|---|---|---|
|
...
Users have the option to use ECDSA or RSA algorithms for the encryption type applied to performed using the Private Key.
Users can run the following commands from the shell and replace the value of the key_name
environment variable with a name of their choice that is used when creating related files.
...
Steps include to create the signing-ca.key
CA Private Key file and signing-ca.csr
CA Certificate Signing Request file both in PEM format.
Users have the option to use ECDSA or RSA algorithms for encryption performed using the Private Key.
Users can run the following commands from the shell and replace the value of the ca_key_name
environment variable with a name of their choice that is used when creating related files.
...
Steps include to create the signing.key
Private Key file and signing.csr
Certificate Signing Request file both in PEM format.
Users have the option to use ECDSA or RSA algorithms for encryption performed using the Private Key.
Users can run the following commands from the shell and replace the value of the key_name
environment variable with a name of their choice that is used when creating related files.
...