JS7 JobScheduler

Space shortcuts

Page tree

Versions Compared

Old Version 6

changes.mady.by.user Andreas Püschel

Saved on

compared with

New Version 7

changes.mady.by.user Alan Amos

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

The JS7 - Profiles hold settings that are specific for to a user account and that which are controlled by the user. 

  • Profiles include a number of categories such as Preferences, Permissions etc.
  • A Profile includes to configure the configuration of the JOC Cockpit as a Certificate Authority (CA) for JS7 - Secure Connections.
  • A Certificate Authority set up by the SSL Key Management functionality allows to create the creation of Server Authentication Certificates and Client Authentication Certificates for TLS/SSL connections.

It is recommended to use that an external Certificate Authority is used or to procure that certificates are procured from a trusted 3rd-party as the JOC Cockpit Certificate Authority cannot be considered secure:

  • The JOC Cockpit Certificate Authority is applicable in absence of decent security requirements when operating JS7 for a Security Level Low or Medium, see JS7 - Security Architecture and JS7 - Secure Operation for more information.
  • Use of the JOC Cockpit Certificate Authority is not applicable when operating JS7 for Security Level High as keys and certificates are stored with in the JS7 - Database..

The SSL Key Management functionality is used to set up up your own CA with the JOC Cockpit, see JS7 - Certificate Authority - Manage Certificates with JOC Cockpit.

  • To set up the Certificate Authority (CA) a Root CA private key and self-signed certificate are created:
  • The SSL Key Management sub-view is available to user accounts that are assigned the administrator role. To be more precise, user accounts have to be assigned the sos:products:joc:adminstration:manage role, see JS7 - Default Roles and Permissions.

The This article is intended for a security-aware audience that is technically familiar with TLS/SSL key management.

...

The Profile page is accessible from the user menu of an account in the upper right upper hand corner of any JOC Cockpit view:

...

The Root CA private key and certificate can be updated/imported from an external CA and they can be generated by the JOC Cockpit:

  • Operations for the Root CA private key and certificate include to:
    • view viewing the private key and certificate by use of using the  icon,update
    • updating the private key and certificate by use of by using the  icon,import
    • importing the private key by use of by using the  icon,
    • generate generating the private key and certificate by use of by using the  icon.

View Key and Certificate

The Root CA private key and certificate is are displayed like this:

Update Key and Certificate

The Root CA private key and certificate can be created from an external CA and can be updated by pasting from the clipboard like this:


Note: For the Root CA, the JOC Cockpit only supports ECDSA key algorithms only as RSA key algorithms are not considered secure for the future.

...