...
- Create the Java Keystore using the Keytools from your Java JRE.
- Generate the Java Keystore with the private key and the certificate for the JobScheduler Master and export the certificate to a second Keystore that is later on used by the JOC Cockpit.
Example
Code Block title Example how to generate a Keystore with private key and certificate keytool -genkey -alias "master-https" -dname "CN=jobSchedulerHost,O=myCompany" -validity 1461 -keyalg RSA -keysize 1024 -keypass jobscheduler -keystore "SCHEDULER_DATA/config/private/private-https.jks" -storepass jobscheduler
Explanations- Replace the
JETTYSCHEDULER_BASEDATA
placeholder as specified above. - The
-dname
option specifies the certificate issuer, therefore use your own set of CN, OU, DC that specify the issuer's distinguished name. The O setting is required for the issuer. - The
-keypass
option accepts the password that you will need later on to manage your private key. With the default password being used no further settings are required as explained below. - The
-keystore
option specifies the location of your Keystore file.- The Keystore file should be in reach of the JobScheduler Master, it is therefore recommended to create a sub-folder
private
in the./config
directory. - Using the default file name
"private-https.jks"
will save the effort of adding further settings as explained above.
- The Keystore file should be in reach of the JobScheduler Master, it is therefore recommended to create a sub-folder
- The
-storepass
option specifies the password for access to your Keystore file. For the handling of the default password the same applies as stated with the-keypass
option.
- Replace the
- If not otherwise configured then the JobScheduler Master by default uses the password
jobscheduler
for the respective Keystore. - If you choose an individual password for the JobScheduler Master Keystore then adjust the following properties in the
SCHEDULER_DATA/
config/private/private.conf
configuration file:- Explanations
jobscheduler.master.webserver.https.keystore.file
is used for the path to the Keystorejobscheduler.
is used for the Keystore passwordmaster
.webserver.https.keystore.passwordjobscheduler.
is used for the password of your private HTTPS certificatemaster
.webserver.https.keystore.key-password
Example
Code Block language text title Sample private.conf file jobscheduler.master.webserver.https.keystore { file = "C:/ProgramData/sos-berlin.com/jobscheduler/master110/config/private/private-https.jks" # Backslashes are written twice (as in JSON notation): # file = "\\\\other-computer\\share\\my-keystore.jks" password = "secret" key-password = "secret" }
- Explanations
- Generate the Java Keystore with the private key and the certificate for the JobScheduler Master and export the certificate to a second Keystore that is later on used by the JOC Cockpit.
- Export the JobScheduler Master public certificate for use with the JOC Cockpit Web Service
Code Block title Sample for export certicate keytool -exportcert -rfc -noprompt -file "master-https.pem" -alias "master-https" -keystore "SCHEDULER_DATA/config/private/private-https.jks" -storepass jobscheduler
- The exported certificate of each JobScheduler Master has to be imported to the Java Keystore (rather Truststore) which is used by the JOC Cockpit.
...