Page History
...
- Users benefit from the certificate authority included with JOC Cockpit to create and to roll-out private keys and certificates.
- This includes simplified roll-out to Controller and Agent instances to establish secure HTTPS connections.
- The build-in certificate authority is applicable when operating JOC Cockpit in a low or medium security level, see JS7 - Security Architecture.
- The built-in certificate authority
- creates X.509 certificates for HTTPS Mutual Authentication
- between JOC Cockpit and Controller instances,
- between Primary and Secondary Controller instances,
- between Controller instances and Agents.
- is not used to create server authentication certificates for access to JOC Cockpit. Access is performed by user browsers, therefore it is preferable to use a server authentication certificate that is signed by a known certificate authority for which user browsers include the root certificate.
- creates X.509 certificates for HTTPS Mutual Authentication
- Users benefit from simplified rollout of private keys and certificates when using the built-in certificate authority.
JS7 provides a Command Line Certificate Rollout Client available with Controller and Agents instances instance Start Scripts to create and to roll-out private keys and certificates using the built-in certificate authority. Rollout of private keys and certificates created with an external certificate authority are not in scope of the Command Line Client. The functionality includes
- to authenticate with JOC Cockpit by use of a security token, see JS7 - Certificate Authority - Manage Certificates with JOC Cockpit,
- to request a private key and certificate to be created by JOC Cockpit on-the-fly,
- to update a Controller or Agent instance's configuration for use of the private key and certificate with HTTPS mutual authentication.
Prerequisites
...
- .
...
- The JOC Cockpit certificate authority has to be available and the root private key and certificate have been created.
- Valid security tokens have been generated with JOC Cockpit for the desired Controller and Agent instances.
- For details see JS7 - Certificate Authority - Manage Certificates with JOC Cockpit
Certificate Rollout
Rollout of certificates includes to perform the following steps
...
Overview
Content Tools