Page History
...
- When using HTTPS certificates or public keys for incoming connections, see below, then an additional authentication mechanism applies: the client of the incoming connection, i.e. a Controller, is required to provide a Client Authentication Certificate. This includes that two certificates are in place for a secure HTTPS connection: the Agent's Server Authentication Certificate and the Controller's Client Authentication Certificate.
- The fact that a given certificate is used for Server Authentication and/or Client Authentication is specified with the key usage when creating and signing the certificate.
- The distinguished name that is specified with the Agent's configuration has to match the Client Authentication Certificate's subject attribute of a Controller. This attribute specifies the hostname and additional information that is created when the certificate or public key is generated.
Controller
- Settings in this section are used for incoming HTTPS connections from Controller instances.
distinguished-names
:- Specifies the distinguished name as given with the subject of the Client Authentication Certificate for incoming HTTPS connections from a Controller.
- Any number of distinguished names can be specified allowing a number of incoming HTTPS connections from different Controllers.
js7.configuration:
...
Trusted Signature Keys
js7 | configuration | |||
---|---|---|---|---|
trusted-signature-keys | ||||
PGP | <directory> | |||
X509 | <directory> |
...
Overview
Content Tools