...

  • HTTPS Server Authentication is preferably used in combination with Client Authentication (mutual authentication), as this allows a secure configuration without the use of passwords.
    • The purpose of Server Authentication is to prove the identity of an HTTP server and to encrypt the communication between client and server.
    • The purpose of Client Authentication is to prove the identity of a client. Without proof of identity, any HTTP client could perform a man-in-the-middle attack by, for example, pretending to be a Controller connecting to an Agent.
  • Please refer to the communication scheme between JS7 components as described in the JS7 - System Architecture article:
    • User browsers acting as HTTPS clients establish connections to JOC Cockpit acting as an HTTPS server.
    • JOC Cockpit acting as an HTTPS client establishes connections to Controller instances acting as HTTPS servers.
    • Controller instances acting as HTTPS clients establish connections to Agents acting as HTTPS servers.
  • We recommend applying mutual authentication. However, there might be reasons why use of Client Authentication is not an immediate option, for example:
    • Use of a wildcard certificate for Server Authentication reduces the effort of certificate management. At the same time, such certificates cannot be used for Client Authentication.
  • If mutual authentication is not an immediate option, then passwords can be used by following the recommendations made in this article.
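The following is an added example (shell with openssl), not JS7 documentation or project code: it issues a wildcard server certificate and a per-component client certificate from a throwaway CA, then shows that OpenSSL's purpose check accepts only the latter as a client identity. The CA name, host names and file names are constructed; the extended key usage it demonstrates is one reason a server-only certificate is rejected for Client Authentication, and a practical check to run before relying on an existing certificate for mutual authentication.

```shell
#!/bin/sh
# Added demo, not JS7 project code. Issues a wildcard server certificate and a
# dedicated client certificate from a throwaway CA, then asks OpenSSL whether
# each one is acceptable for the TLS client role. All names are constructed.
set -e
WORK=$(mktemp -d)
cd "$WORK"

# 1. Throwaway CA (self-signed; CA:TRUE comes from OpenSSL's default req config)
openssl req -x509 -newkey rsa:2048 -nodes -keyout ca.key -out ca.crt \
  -subj "/CN=Demo CA" -days 1 >/dev/null 2>&1

# 2. Wildcard server certificate: extended key usage restricted to serverAuth
openssl req -newkey rsa:2048 -nodes -keyout server.key -out server.csr \
  -subj "/CN=*.example.org" >/dev/null 2>&1
printf 'subjectAltName=DNS:*.example.org\nextendedKeyUsage=serverAuth\n' > server.ext
openssl x509 -req -in server.csr -CA ca.crt -CAkey ca.key -CAcreateserial \
  -out server.crt -days 1 -extfile server.ext >/dev/null 2>&1

# 3. Client certificate naming one specific component, with clientAuth
openssl req -newkey rsa:2048 -nodes -keyout client.key -out client.csr \
  -subj "/CN=controller-1" >/dev/null 2>&1
printf 'extendedKeyUsage=clientAuth\n' > client.ext
openssl x509 -req -in client.csr -CA ca.crt -CAkey ca.key -CAcreateserial \
  -out client.crt -days 1 -extfile client.ext >/dev/null 2>&1

# Returns 0 when the certificate chains to the CA AND is valid for the
# TLS client purpose (clientAuth in its extended key usage); else non-zero.
usable_for_client_auth() {
  openssl verify -CAfile ca.crt -purpose sslclient "$1" >/dev/null 2>&1
}

# Same check for the server purpose, to show the wildcard cert is otherwise fine.
usable_for_server_auth() {
  openssl verify -CAfile ca.crt -purpose sslserver "$1" >/dev/null 2>&1
}

for c in server.crt client.crt; do
  if usable_for_client_auth "$c"; then echo "$c: accepted for client authentication"
  else echo "$c: rejected for client authentication"; fi
done
```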

...