Page History
...
Expand | ||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||
Explanation:
|
Examples
Standard Examples
Example for use with the Controller/Agent Instance Start Script and default values
Code Block | ||||
---|---|---|---|---|
| ||||
# use with a Controller instance ./bin/controller_instance.sh cert --token=73bfc4b8-3f15-44b9-a75b-cdb44aec8f4b --joc-uri=https://myhost.example.com:4446 # use with an Agent instance ./bin/agent_<port>.sh cert --token=73bfc4b8-3f15-44b9-a75b-cdb44aec8f4b --joc-uri=https://myhost.example.com:4446 |
...
- the
cert
argument for the Instance Start Script to build the Java classpath and to start the Java executable. - The
--token
argument specifies the one-time token to connect to JOC Cockpit. - The
--joc-uri
argument specifies the URL for JOC Cockpit. - If no additional arguments are used then the Command Line Client determines default values for the Keystore and Truststore from the instances'
./config/private/private.conf
configuration, including defaults for the DN and for the SAN of the certificate.
Example for use with the Controller/Agent Instance Start Script to update relevant DN entries
Code Block | ||||
---|---|---|---|---|
| ||||
# use with a Controller instance ./bin/controller_instance.sh cert --dn-only --token=73bfc4b8-3f15-44b9-a75b-cdb44aec8f4b --joc-uri=https://myhost.example.com:4446 # use with an Agent instance ./bin/agent_<port>.sh cert --dn-only --token=73bfc4b8-3f15-44b9-a75b-cdb44aec8f4b --joc-uri=https://myhost.example.com:4446 |
...
- With the
--dn-only
argument only relevant Distinguished Names (DNs) will be updated to the./config/private/private.conf
configuration file.
Advanced Examples
Example for use with an HTTP Connection to JOC Cockpit
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
./bin/controller_instance.sh cert \ --token=73bfc4b8-3f15-44b9-a75b-cdb44aec8f4b \ --joc-uri=http://somehost.example.com:4446 \ --san="myhost.example.com, myhost" \ --subject-dn="CN=myhost, OU=IT Operations, O=SOS, C=DE, L=Berlin, ST=Berlin" \ --key-alias=myhost \ --ca-alias="Root CA" \ --target-keystore=/var/sos-berlin.com/js7/controller/var/config/private/https-keystore.p12 \ --target-keystore-pass=jobscheduler \ --target-keystore-entry-pass=jobscheduler \ --target-truststore=/var/sos-berlin.com/js7/controller/var/config/private/https-truststore.p12 \ --target-truststore-pass=jobscheduler |
Explanation:
- tbd
Example for use with an HTTPS Connection to JOC Cockpit and Mutual Authentication from a Client Truststore
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
./bin/controller_instance.sh cert \ --token=73bfc4b8-3f15-44b9-a75b-cdb44aec8f4b \ --joc-uri=https://somehost.example.com:4446 \ --san="myhost.example.com, myhost" \ --subject-dn="CN=myhost, OU=IT Operations, O=SOS, C=DE, L=Berlin, ST=Berlin" \ --key-alias=myhost \ --ca-alias="Root CA" \ --source-keystore=/home/sos/private/js7-keystore.p12 \ --source-keystore-pass="" \ --source-keystore-entry-pass="" \ --source-truststore=/home/sos/private/js7-truststore.p12 \ --source-truststore-pass="" \ --target-keystore=/var/sos-berlin.com/js7/controller/var/config/private/https-keystore.p12 \ --target-keystore-pass=jobscheduler \ --target-keystore-entry-pass=jobscheduler \ --target-truststore=/var/sos-berlin.com/js7/controller/var/config/private/https-truststore.p12 \ --target-truststore-pass=jobscheduler |
Explanation:
- tbd
Example for use with an HTTPS Connection to JOC Cockpit and Mutual Authentication from a Client Key File
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
./bin/controller_instance.sh cert \ --token=73bfc4b8-3f15-44b9-a75b-cdb44aec8f4b \ --joc-uri=https://myhost.example.com:4446 \ --san="myhost.example.com, myhost" \ --subject-dn="CN=myhost, OU=IT Operations, O=SOS, C=DE, L=Berlin, ST=Berlin" \ --key-alias=myhost \ --ca-alias="Root CA" \ --source-private-key=/home/sos/private/myhost.key \ --source-certificate=/home/sos/public/myhost.pem \ --source-ca-cert="/home/sos/public/intermediate_ca.pem, /home/sos/public/root_ca.pem" \ --target-keystore=var/sos-berlin.com/js7/controller/var/config/private/https-keystore.p12 \ --target-keystore-pass=jobscheduler \ --target-keystore-entry-pass=jobscheduler \ --target-truststore=var/sos-berlin.com/js7/controller/var/config/private/https-truststore.p12 \ --target-truststore-pass=jobscheduler |
...