# jAgent Security
Read Time: 2 minute(s)
# Enabling SSL Encryption
jAgent may be configured to use SSL encryption. To activate SSL encryption, you must specify a valid x509 certificate and a private key. The certificate and key may be specified using command line options, or in the jAgent configuration file.
The following example describes how to create a self-signed certificate with OpenSSL:
# Create a self-signed certificate with OpenSSL
- Create an RSA private key:
C:\programs\openssl\bin>openssl req -x509 -sha256 -newkey rsa:2048 -keyout key.pem -out cert.pem -days 365 -nodes Generating a 2048 bit RSA private key .....+++ ................................+++ writing new private key to 'key.pem' ----- You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]: State or Province Name (full name) [Some-State]: Locality Name (eg, city) : Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) : Common Name (e.g. server FQDN or YOUR name) : Email Address :
- Start jAgent in SSL mode
C:\programs\openssl\bin>jbase_agent -c cert.pem -k key.pem --config %HOME%\jagent_config
# Authentication Modes
For jRemote, ODBC and JDBC clients, jAgent supports three different authentication modes (See command line options):
- 1. Anonymous - authentication does not verify any user credentials.
- 2. User - authentication verifies user credentials against a local user credentials database.
- 3. Account - authentication will attempt to use the provided user credentials to log into a specific jBASE account.
For REST clients, an appropriate HTTP-based authentication mechanism must be implemented in the REST code.
# Setting up User Authentication
- Create the jAgent user file
CREATE-FILE JAGENT_USER 1 53 [ 417 ] File JAGENT_USER]D created , type = J4 [ 417 ] File JAGENT_USER created , type = J4
- Create the user and set the password
jbase_agent adduser test jbase_agent passwd test newpassword
- Now start jbase_agent with user authentication.
jbase_agent -A user
# Setting up Account Authentication
The environment should be configured with JEDIFILENAME_SYSTEM set to a valid jBASE SYSTEM file that contains the jBASE accounts you wish to connect to. This can be set in the jAgent configuration file [ENVIRONMENT] section, if desired.
- Start jbase_agent to authentication with account authentication
jbase_agent -A account