JS7 JobScheduler

Space shortcuts

Page tree

Versions Compared

Old Version 16

changes.mady.by.user Andreas Püschel

Saved on

compared with

New Version 17

changes.mady.by.user Andreas Püschel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • For any deployed objects such as workflows the Agent expects a signature. Such signatures are created with a private key and are verified by the Agent based on the available certificates. 
  • When deploying objects with JOC Cockpit
    • for a Low Security Level JOC Cockpit creates the signature from a single private key that is used for any JOC Cockpit user accounts allowed to deploy objects.
    • for a Medium Security Level JOC Cockpit creates the signature from the private key of the JOC Cockpit user account that deploy objects.
    • for a High Security Level the user creates the signature outside of JOC Cockpit and uploads the signed objects.
  • The Agent supports PGP public keys and X509 X.509 certificates. This setting expects a directory respectively that holds a number of public key files or certificate files.
  • trusted-signature-keys
    • PGP: specifies the directory from which PGP public keys are used to verify the signature of deployed objects.
    • X509: specifies the directory from which X.509 certificates are used to verify the signature of deployed objects.

...

  • This setting is used to specify the location of a keystore and any truststores used for HTTPS connections.
  • Keystore and truststore files are expected in PKCS#12 format.
  • keystore
    • The keystore includes the private key for the Agent's incoming HTTPS connections.
    • Private key types RSA and ECDSA are supported. 
    • file:  the full path to the location of the keystore file is expected.
      • Default: ${js7.config-directory}"/private/https-keystore.p12"
    • key-password: Any keys included with the keystore are protected with a password. The same password has to be used for all private keys in the given keystore.
    • store-password: The keystore file is protected by a password.
  • truststores
    • A truststore contains the certificates or public keys for the Agent's incoming HTTPS connections.
      • Certificates are signed by a Certificate Authority (CA), alternatively a self-signed certificate can be used.
      • It is recommended to use certificates instead of public keys.
      • Certificates of type X509 X.509 are supported.
    • file:  the full path to the location of the truststore file is expected.
      • Default: ${js7.config-directory}"/private/https-truststore.p12"
    • store-password: A truststore file is protected by a password.
    • A number of truststores can be specified by repeating the file and store-password settings.

...