Connect to the Coordinator with TLS1.2

This topic explains how to secure communications between the coordinator and its agents/clients using SSL (TLS v1.2).

Setting up the Coordinator

The Coordinator's SSL options are configurable through the Connection panel on the Coordinator Settings window (accessible via the Coordinator Tray Application). To enable SSL, check the 'Use Secure Connections' checkbox.

Coordinator EnableTLS

After enabling secure connections, select a valid certificate to use from the drop down.

Note Note

The list of available certificates is populated from the local machine's Personal Windows Certificate Store. If a desired certificate is not displayed, make sure it has been installed for the local machine and not a specific user's account.

Coordinator Select Certificate
Setting up an Agent

All Agents attempting to connect to an SSL-enabled Coordinator must also be configured to use secure connections. Open the Connection panel of the Agent Settings window (accesible via the Agent Tray Application) and check the 'Use Secure Connections' checkbox.

Agent EnableTLS

If the Coordinator has been configured to use a self-signed certificate, check the 'Allow Self-Signed Certificates' checkbox.

Caution note Caution

Opting to use a self-signed certificate will bypass all certificate validation against trusted certificate authorities.

Connecting In Code

If the Coordinator and Agent(s) are using secured communications, any client code submitting jobs must also enable the option to use SSL. To do this, set the ClusterJobScheduler's UseSsl property to true. If using self-signed certificates, also set the AllowSelfSignedCertificates property to true.

Note Note

The trusted root certificate used to sign the Coordinator's certificate must be in either a custom TrustStore or the Java system TrustStore. If using a custom TrustStore, set the Java system property to the filepath of the custom TrustStore.

To enable Certificate Revocation List checks, set the and Java system properties to true. These properties can be set in client code, as in the example below, or passed as command line arguments to the JVM.

package stkscalabilitysdk.howto;

import java.text.SimpleDateFormat;
import java.util.GregorianCalendar;

import agi.parallel.client.ClusterJobScheduler;
import agi.parallel.client.IJobScheduler;
import agi.parallel.client.Job;
import agi.parallel.infrastructure.Task;

public class SslExample {
    public static void main(String[] args) {
        ClusterJobScheduler scheduler = new ClusterJobScheduler("localhost");
        try {

            Job job = scheduler.createJob();
            job.addTask(new AddTask(1, 1));

        } finally {

    public static class AddTask extends Task {
      int a, b;
      public AddTask(int a, int b) {
        this.a = a;
        this.b = b;

      public void execute() {
        this.setResult(a + b);

STK Scalability 1.3 API for Java