Page History
...
- This setting applies if a Controller Cluster is used. In this situation a Primary Controller requires the above setting to allow access from a Secondary Controller and vice versa.
- This setting specifies the
distinguished-names
indicated with the partner Controllers' Client Authentication certificatescertificate. The distinguished name is given with the subject attribute of a Client Authentication certificate. The distinguished name is considered a replacement for a password.- A Primary Controller configuration specifies the distinguished name of the Secondary Controller's Client Authentication certificate.
- A Secondary Controller configuration specifies the distinguished name of the Primary Controller's Client Authentication certificate.
- Consider that the common name (CN) attribute of the distinguished name has to match the fully qualified domain name (FQDN) of the partner Controller's host.
JOC Cockpit Connections
Code Block | ||||
---|---|---|---|---|
| ||||
js7 { auth { # User accounts for HTTPS connections users { # History account (used to release events) History { distinguished-names=[ "DNQ=SOS CA, CN=joc-2-0-primary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE", "DNQ=SOS CA, CN=joc-2-0-secondary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE" ] password="sha512:B793649879D61613FD3F711B68F7FF3DB19F2FE2D2C136E8523ABC87612219D5AECB4A09035AD88D544E227400A0A56F02BC990CF0D4CB348F8413DE00BCBF08" } # JOC account (requires UpdateRepo permission for deployment) JOC { distinguished-names=[ "DNQ=SOS CA, CN=joc-2-0-primary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE", "DNQ=SOS CA, CN=joc-2-0-secondary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE" ] password="sha512:3662FD6BF84C6B8385FC15F66A137AB75C755147A81CC7AE64092BFE8A18723A7C049D459AB35C059B78FD6028BB61DCFC55801AE3894D2B52401643F17A07FE" permissions=[ UpdateItem ] } } } } |
...
- The configuration file is located with the
sos-berlin.com/js7/agent/config_<port>/private
folder. - Consider that the above configuration has to be deployed to any Agent instances.
- Find below explanations about above configuration items relevant to Server Authentication with passwords.
...
Distinguished Names
Controller Connections
Code Block | ||||
---|---|---|---|---|
| ||||
js7 { auth { # User accounts for https connections users { # Controller account for connections by primary/secondary Controller instance Controller { distinguished-names=[ "DNQ=SOS CA, CN=controller-2-0-primary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE", "DNQ=SOS CA, CN=controller-2-0-secondary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE" ] } } } } |
...
Overview
Content Tools