JS7 JobScheduler

Space shortcuts

Page tree

Versions Compared

Old Version 2

changes.mady.by.user Andreas Püschel

Saved on

compared with

New Version 3

changes.mady.by.user Andreas Püschel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Introduction

The JS7 - Profiles hold settings that are specific for a user and that are controlled by the user. 

  • Profiles include a number of categories such as Preferences, Permissions etc.
  • The profile includes settings used to configure JOC Cockpit as a Certificate Authority for JS7 - Secure Connections.

The SSL Key Management

...

x

Image Removed

functionality is used when setting up your own CA with JOC Cockpit, see JS7 - Certificate Authority - Manage Certificates with JOC Cockpit.

  • To set up the Certificate Authority (CA) a Root CA private key and self-signed certificate are created:
  • The SSL Key Management sub-view is available to user accounts that are assigned the administrator role. To be more precise user accounts have to be assigned the sos:products:joc:adminstration:manage role, see JS7 - Permissions.

The article is intended for a security-aware audience that is technically familiar with TLS/SSL key management.

Profile Page

The Profile page is accessible from the user menu of an account in the right upper corner of any JOC Cockpit view:

Image Added


The Profile page offers a number of sub-views. The following section explains the SSL Key Management sub-view.

Anchor
ssl_key_management
ssl_key_management
SSL Key Management

The SSL Key Management sub-view offers the following settings:

Image Added

Keys and Certificates

The Root CA private key and certificate can be updated/imported from an external CA and they can be generated by JOC Cockpit:

  • Operations for the Root CA private key and certificate include to
    • view the private key and certificate by use of the Image Added icon,
    • update the private key and certificate by use of the Image Added icon,
    • import the private key by use of the Image Added icon,
    • generate the private key and certificate by use of the Image Added icon.

View Key and Certificate

The Root CA private key and certificate is displayed like this:

Image Added


Update Key and Certificate

The Root CA private key and certificate can be created from an external CA and can be updated by pasting from the clipboard like this:

Image Added


Note: JOC Cockpit supports ECDSA key algorithms only as RSA key algorithms are not considered secure for the future.

Import Key

The Root CA private key can be created from an external CA and can be imported from a file like this:

Image Added

Generate Key and Certificate

A Root CA private key is generated and is self-signed like this:

Image Added


The requested Distinguished Name (DN) is a unique identifier for the certificate.

  • The DN can include any attributes allowed.
  • The DN has to include the CN attribute
  • Example:
    • CN=JS7 Root CA, OU=IT Operations, O=SOS, L=Berlin, S=Berlin, C=DE

...