Page History

...

• This setting is used to specify the location of a keystore and any truststores used for HTTPS connections.
• Keystore and truststore files are expected in PKCS#12 format.
• keystore
  • The keystore includes the private key for the Agent's incoming HTTPS connections.
  • Private key types RSA and ECDSA are supported. 
  • file:  the full path to the location of the keystore file is expected.
    • Default: ${js7.config-directory}"/private/https-keystore.p12"
  • key-password: Any keys included with the keystore are protected with a password. The same password has to be used for all private keys in the given keystore.
  • store-password: The keystore file is protected by a password.
• truststores
  
  • A truststore contains the certificates or public keys for the Agent's incoming HTTPS connections.
    • Certificates are signed by a Certificate Authority (CA) - alternatively a self-signed certificate can be used.
    • It is recommended that certificates are used instead of public keys.
    • Certificates of type X.509 are supported.
  • file:  the full path to the location of the truststore file is expected.
    • Default: ${js7.config-directory}"/private/https-truststore.p12"
  • store-password: A truststore file is protected by a password.
  • A number of truststores can be specified by repeating the file and store-password settings.

js7.web.server: HTTPS Authentication

• This setting is used to specify the authentication type for HTTPS connections to an Agent.
• https-client-authentication
  
  • The value on (default) specifies that mutual authentication with certificates for Server Authentication and Client Authentication is used.
  • The value off specifies that HTTP Basic Authentication only is used.
• By default JS7 makes use of mutual authentication including both Server and Client Authentication Certificates. This setting can be switched off to use Server Authentication Certificates only.