Page History
...
The JS7 allows to operate JOC Cockpit in one of the security levels Security Levels low, medium, high, for details see JS7 - Security Architecture.
- low: workflows are digitally signed from a single private key Private Key used by all user accounts in JOC Cockpit. The key Private Key is stored in the JS7 database.
- medium: workflows are digitally signed from private keys Private Keys per user accounts account in JOC Cockpit. The key Private Key is stored in the JS7 database.
- high: workflows have to be digitally signed outside of JOC Cockpit. Users export workflows from the JS7 inventory to a .tar.gz/.zip export archive.
...
Code Block | ||||||
---|---|---|---|---|---|---|
| ||||||
# login Import-Module JS7 -force $credential = ( New-Object -typename System.Management.Automation.PSCredential -ArgumentList 'ap-si-ecdsa', ( 'ap-si-ecdsa' | ConvertTo-SecureString -AsPlainText -Force) ) Connect-JS7 -Url https://centostest-primary.sos:6446 -RootCertificatePath ./root-ca.crt -Credential $credential -Id training # export for signing Export-JS7InventoryFolder -Folder / -FilePath ./export-training.zip -Recursive -ControllerId training -ForSigning # extract export archive Remove-Item -Recurse -Force ./inputinventory/* Expand-Archive -Path ./export-training.zip -DestinationPath ./inputinventory -Force # sign workflows Invoke-JS7WorkflowSigning -Dir ./inputinventory -Key ./ca/ap-si-ecdsa.key -Cert ./ca/ap-si-ecdsa.crt -Hash sha512 # create import archive Compress-Archive -Path ./inputinventory/* -DestinationPath ./import-from-signing.zip -Force # import and deploy Import-JS7InventoryItem -FilePath "$((Get-Location).path)/import-from-signing.zip" -Deploy -ControllerId training -SignatureAlgorithm SHA512withECDSA # logout Disconnect-JS7 |
...
Overview
Content Tools