Skip to content

KeyServer Config File

Jump to bottom
Javier Gusano Martinez edited this page Jan 19, 2017 · 13 revisions

Introduction

The following page shows the structure used by KeyServer for custom its settings. You can use it as template.

Configuration file structure (Template)

# Copyright 2016.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#      http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

## General Settings
ksCheckUpdates=3600000

## HTTPS Server Configuration
serverAddress=0.0.0.0
serverPort=1443

## SSL parameters
serverKeyStoreFile=config/ksserverkey.jks
serverKeyStorePassword=123456
serverKeyManagerPassword=123456
serverIdleTimeout=30000
serverIpWhiteList=127.0.0.1 & 192.168.1.30

## Data Base Configuration
dbAddress=127.0.0.1
dbPort=6379
dbPassword=foobared
dbIndex=0
dbCheckInterval=1000

Config file parameters description

General

  • ksCheckUpdates: This field is mandatory and the units used are milliseconds. This value is used to set the interval value in milliseconds for check if there are a new KeyServer version available on GitHub. This interval is used to verify if the KeyServer HTTPS server certificate has been expired too. The value must be greather than 60000ms.

HTTPS Server Configuration

  • serverAddress: IP listener address for KeyServer incoming requests.
  • serverPort: KeyServer listening port.
  • serverIpWhiteList: This field is optional. Contains all IPs with authorization for KeyServer use. Go tho this section for learn more about this field: Client IP white list.

SSL parameters

  • serverKeyStoreFile: File with the server certificate and private key used by Jetty for create the https:// service.
  • serverKeyStorePassword: File key store password.
  • serverKeyManagerPassword: File key manager password.
  • serverIdleTimeout: The time in milliseconds that the connection can be idle before it is closed.

Data Base Configuration

  • dbAddress: Redis database server IP.
  • dbPort: Redis database port.
  • dbPassword: This field is mandatory for security reasons. Be sure that this password is equals than the specified during Redis database security configuration process.
  • dbIndex: This field is optional. It's required when the private keys will be stored in a Redis DB index different to 0. If the specified value is not valid or not included on config file, KeyServer will show a warning message and the execution will continue normally using 0 as DB index.
  • dbCheckInterval: This field is mandatory. Value specified in milliseconds. This value represents when the Redis DB connection will be tested with a PING periodically. If the DB connection is broken when the KeyServer is running, it will try to connect automatically. The field value must be greater than 100ms.

OpenSource KeyServer

Copyright © 2016. All rights reserved.

Open Source KeyServer

Index

KeyServer Develop

Testing & Performance

Clone this wiki locally