Page History
...
- For any deployed objects such as workflows the Agent expects a signature. Such signatures are created with a private key and are verified by the Agent based on the available certificates.
- When deploying objects with JOC Cockpit
- for a Low Security Level JOC Cockpit creates the signature from a single private key that is used for any JOC Cockpit user accounts allowed to deploy objects.
- for a Medium Security Level JOC Cockpit creates the signature from the private key of the JOC Cockpit user account that deploy objects.
- for a High Security Level the user creates the signature outside of JOC Cockpit and uploads the signed objects.
- The Agent supports PGP public keys and X509 X.509 certificates. This setting expects a directory respectively that holds a number of public key files or certificate files.
trusted-signature-keys
PGP
: specifies the directory from which PGP public keys are used to verify the signature of deployed objects.X509
: specifies the directory from which X.509 certificates are used to verify the signature of deployed objects.
...
- This setting is used to specify the location of a keystore and any truststores used for HTTPS connections.
- Keystore and truststore files are expected in PKCS#12 format.
keystore
- The keystore includes the private key for the Agent's incoming HTTPS connections.
- Private key types RSA and ECDSA are supported.
file
: the full path to the location of the keystore file is expected.- Default:
${js7.config-directory}"/private/https-keystore.p12"
- Default:
key-password
: Any keys included with the keystore are protected with a password. The same password has to be used for all private keys in the given keystore.store-password
: The keystore file is protected by a password.
truststores
- A truststore contains the certificates or public keys for the Agent's incoming HTTPS connections.
- Certificates are signed by a Certificate Authority (CA), alternatively a self-signed certificate can be used.
- It is recommended to use certificates instead of public keys.
- Certificates of type X509 X.509 are supported.
file
: the full path to the location of the truststore file is expected.- Default:
${js7.config-directory}"/private/https-truststore.p12"
- Default:
store-password
: A truststore file is protected by a password.- A number of truststores can be specified by repeating the
file
andstore-password
settings.
- A truststore contains the certificates or public keys for the Agent's incoming HTTPS connections.
...
Overview
Content Tools