To protect the Instance key from unauthorized access, you can use the Environment variable JR_SECRET in IIS. The Environment variable is overwritten with an empty value after its first use and so disabled for other accesses. In that way unauthorized process designers cannot access the Instance key.
To safeguard the Instance key after the performance of the JobRouter installation / Update to JobRouter version 5.1
Please note: The safeguarding of your Instance key does only make sense if you want to operate a cloud environment.
To enable the use of an Environment variable, manual intervention is needed. Please proceed as follows:
1.Call the following script in your JobRouter web application: /setup/scripts/GenerateEncryptedPassword.php .
Please note: Due to safety reasons, the script /setup/scripts/GenerateEncryptedPassword.php can only be called via localhost.
2.Enter the Instance ID and the JR_SECRET in the field with the respective name and click Protect!
3.Copy the just created value into the input field instance.key of the file config/instance.key in the according instance.
4.Create a new Environment variable JR_SECRET in IIS. Insert here the value from the input field JR_SECRET , which you have used to create the instance.key in step 2.
5.Ensure that the setting variables_order is GPCS in the php.ini
variables_order = "GPCS"
6.Please restart your web server to activate the change.
7.Call your JobRouter web application. The modification was successful if no error message is displayed.
