Product Knowledge Base

Space shortcuts

Page tree

Versions Compared

Old Version 10

changes.mady.by.user Mahendra Patidar

Saved on

compared with

New Version 11

changes.mady.by.user Andreas Püschel

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • The connection to JobScheduler Universal Agent can be secured by HTTPS.
  • This article describes the steps required to set up secure HTTPS communication without the need of using a reverse proxy (for this use case see JobScheduler Universal Agent - connecting via HTTPS through a proxy).
  • The article describes as well how explains the authentication between Master and Agent works.

Prerequisites

The only prerequisite is to have the Java keytools installed in with your Java JRE. It is highly probable that this is already installed with your JRE.

...

Set up a secure connection to

...

the

...

Agent 

Step 1: Create the Java Keystore

...

  • Create the Java Keystore using the Keytools from your Java JRE.
    • If not otherwise configured then JobScheduler Agent and Master by default use the password jobscheduler for the Keystore.
    • if you choose an individual password for the Keystore then adjust the following properties in the <agent_data>/config/private/private.conf configuration file:
      • Explanations
        • jobscheduler.agent.webserver.https.keystore.file is used for the path to the Keystore
        • jobscheduler.agent.webserver.https.keystore.password is used for the Keystore password
        • jobscheduler.agent.webserver.https.keystore.key-password is used for the password of your private HTTPS certificate

      • Example

        Code Block
        languagetext
        titleSample private.conf file
        jobscheduler.agent.webserver.https.keystore {
  file = "C:/ProgramData/sos-berlin.com/jobscheduler/agent110/config/private/private-https.jks"
  # Backslashes are written twice (as in JSON notation):
  # file = "\\\\other-computer\\share\\my-keystore.jks"
  password = "jobscheduler"
  key-password = "jobscheduler"
}
    • Find a sample script to generate the Keystore with keygen.sh
  • Store the private key for the Agent under <agent_data>/config/private
    • Filename: private-https.jks
  • Store the trusted certificate for the Master under <master_data>/config
    • Filename: agent-https.jks

Step 2: Set up authentication between Master and Agent

  • Set Master password in a file on the Master under <master_data>/config/private
    • Filename: private.conf

    • The file look like this:

      Code Block
      jobscheduler.master.credentials.password = "myjobscheduler4444"
  • Specify the Master password in a file on the Agent under <agent_data>/config/private
    • Filename: private.conf

    • Specify the Master that will try to communicate with the Agent through the JobScheduler ID. For example, for a Master with ID "scheduler_4444" this file would look as follows:

      Code Block
      jobscheduler.agent.auth.users {
  scheduler_4444 = "plain:myjobscheduler4444"
}

...