Uploaded image for project: 'JS - JobScheduler'
  1. JS - JobScheduler
  2. JS-1592

Agent responds to HTTPS requests with SSL Client Certificate




      Current Situation

      • The Agent can be used with a Proxy product that is preferably operated on the same computer as the Agent and that stores a Proxy Server Certificate. A JobScheduler Master will request and verify the Proxy Server Certificate to secure the HTTPS communication with an Agent.
      • In order to secure both Agent and Master a proposal is available with JS-1563 to have the Master respond to an Agent Proxy SSL Client Certificate request.

      Desired Behavior

      • Considering the fact that with JS-1589 an Agent can be configured to require an access token from any clients accessing the Agent, a simplified handling of Agent SSL Client Certificates is proposed:
        • The Agent will exclusively trust clients that provide an access token.
        • The Agent stores an SSL Client Certificate with its local configuration.
        • The Agents responds to SSL Client Certificate requests as performed e.g. by the Master when using an HTTPS communication.

      Maintainer Notes

      • We tend to prefer JS-1592 and to dismiss JS-1563.
      • The Agent considers a Master sending a valid access token being trustworthy.
      • Feel free to add your comments and votes to this issue.


          Issue Links



              • Assignee:
                jz Joacim Zschimmer
                ap Andreas PĆ¼schel
              • Votes:
                0 Vote for this issue
                2 Start watching this issue


                • Created: