JS7 JobScheduler

Space shortcuts

Page tree

Versions Compared

Old Version 2

changes.mady.by.user Andreas Püschel

Saved on

compared with

New Version 3

changes.mady.by.user Andreas Püschel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Introduction

The JS7 - Profiles hold settings that are specific for a user and that are controlled by the user. 

  • Profiles include a number of categories such as Preferences, Permissions etc.
  • The profile includes settings used for digitally signing objects such as workflows for JS7 - Deployment.
  • The underlying security requirements are explained with JS7 - Secure Deployment.

The JS7 - Security Architecture suggest to operate JOC Cockpit in one of the following security levels:

  • Security Level Low
    • Inventory objects are automatically signed with the private key that is stored with the root account.
    • Signing is automatically applied when performing the Deploy operation.
    • The Profile page for Signature Key Management

...

x

Image Removed

  • Security Level Medium
    • Inventory objects are automatically signed with the private key that is stored with the current user's account.
    • Signing is automatically applied when performing the Deploy operation.
    • The Profile page for Signature Key Management is available for any user accounts holding a Deploy permission, see JS7 - Permissions.
  • Security Level High
    • Inventory objects are signed outside of JOC Cockpit.
    • As a consequence no Profile page for Signature Key Management is available.


Profile Page

The Profile page is accessible from the user menu of an account in the right upper corner of any JOC Cockpit view:

Image Added


The Profile page offers a number of sub-views. The following section explains the Signature Key Management sub-view.

Anchor
signature_key_management
signature_key_management
Signature Key Management

The Signature Key Management sub-view offers the following settings:

Image Added

CA Certificate

  • A CA Certificate is required to verify the user account's private key and certificate for digital signing when performing deployments.
    • This includes to check that the user account's certificate is signed with the given CA Certificate or a later CA Intermediate Certificate.
    • This includes to check expiration dates of certificates.
  • If an X.509 CA Certificate (Root CA Certificate or Intermediate CA Certificate) is assigned then the certificate's subject is displayed.
  • Operations for CA Certificates include to
    • view the CA Certificate by use of the Image Added icon,
    • update the CA Certificate by use of the Image Added icon,
    • Import the CA Certificate by use of the Image Added icon.

View CA Certificate

A CA Certificate is displayed like this:

Image Added

Update CA Certificate

A CA Certificate can be updated by pasting from the clipboard like this:

Image Added

Import CA Certificate

A CA Certificate can be imported from a file like this:

Image Added

Keys and Certificates


  • x

View Key

The user account's private key and certificate for digital signing is displayed like this:

Image Added


The user's key and certificate can

Update Key


Import Key

...