Page History
...
- This setting is used to specify the location of a keystore and any truststores used for HTTPS connections.
- Keystore and truststore files are expected in PKCS#12 format.
keystore
- The keystore includes the private key for the Agent's incoming HTTPS connections.
- Private key types RSA and ECDSA are supported.
file
: the full path to the location of the keystore file is expected.- Default:
${js7.config-directory}"/private/https-keystore.p12"
- Default:
key-password
: Any keys included with the keystore are protected with a password. The same password has to be used for all private keys in the given keystore.store-password
: The keystore file is protected by a password.
truststores
- A truststore contains the certificates or public keys for the Agent's incoming HTTPS connections.
- Certificates are signed by a Certificate Authority (CA) - alternatively a self-signed certificate can be used.
- It is recommended that certificates are used instead of public keys.
- Certificates of type X.509 are supported.
file
: the full path to the location of the truststore file is expected.- Default:
${js7.config-directory}"/private/https-truststore.p12"
- Default:
store-password
: A truststore file is protected by a password.- A number of truststores can be specified by repeating the
file
andstore-password
settings.
- A truststore contains the certificates or public keys for the Agent's incoming HTTPS connections.
js7.web.server: HTTPS Authentication
js7 | web | server | |||
---|---|---|---|---|---|
auth | |||||
https-client-authentication | <on|off> |
- This setting is used to specify the authentication type for HTTPS connections to an Agent.
https-client-authentication
- The value
on
(default) specifies that mutual authentication with certificates for Server Authentication and Client Authentication is used. - The value
off
specifies that HTTP Basic Authentication only is used.
- The value
- By default JS7 makes use of mutual authentication including both Server and Client Authentication Certificates. This setting can be switched off to use Server Authentication Certificates only.
Overview
Content Tools