Page History
...
Code Block | ||||||||
---|---|---|---|---|---|---|---|---|
| ||||||||
# Security configuration js7 { auth { # User accounts for https connections users { # Controller accountID for connections by primary/secondary Controller instance Controller { distinguished-names=[ "DNQ=SOS CA, CN=controller-2-0-primary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE", "DNQ=SOS CA, CN=controller-2-0-secondary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE" ] } } } configuration { # Locations of certificates and public keys used for signature verification trusted-signature-keys { PGP=${js7.config-directory}"/private/trusted-pgp-keys" X509=${js7.config-directory}"/private/trusted-x509-keys" } } job { # Enable script execution from signed workflows execution { signed-script-injection-allowed = yes } } web { # Locations of keystore and truststore files for HTTPS connections https { keystore { # Default: ${js7.config-directory}"/private/https-keystore.p12" file=${js7.config-directory}"/private/https-keystore.p12" key-password=jobscheduler store-password=jobscheduler } truststores=[ { # Default: ${js7.config-directory}"/private/https-truststore.p12" file=${js7.config-directory}"/private/https-truststore.p12" store-password=jobscheduler } ] } } } |
...
Code Block | ||||
---|---|---|---|---|
| ||||
js7 { auth { # User accounts for https connections users { # Controller accountID for connections by primary/secondary Controller instance Controller { distinguished-names=[ "DNQ=SOS CA, CN=controller-2-0-primary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE", "DNQ=SOS CA, CN=controller-2-0-secondary, OU=IT, O=SOS, L=Berlin, ST=Berlin, C=DE" ] } } } } |
...
- This setting applies to use of an Agent with a solo Controller or with a Controller Cluster.
- Consider that the element name
Controller
is an example that has to be replaced by the Controller ID that is specified with the same value during installation of both Controller instances in a cluster. - This setting specifies the distinguished name indicated with the Controller's Client Authentication certificate. The certificate acts as a replacement for a password.
- The Agent configuration specifies the distinguished names of any Controllers that access the Agent by use of a Client Authentication certificate.
- Consider that the common name (CN) setting in the distinguished name has to match the fully qualified domain name (FQDN) of a Controller's host.
...
Overview
Content Tools