forked from mami-project/KeyServer
KeyServer Config File
Javier Gusano Martinez edited this page Aug 9, 2016 · 13 revisions
This page shows the structure KeyServer uses for its custom settings. You can use it as a template.
```properties
# Copyright 2016.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

## HTTPS Server Configuration
serverAddress=0.0.0.0
serverPort=1443

## SSL parameters
# Values for SSL Context: SSLv2, SSLv3, TLS, TLSv1, TLSv1.1, TLSv1.2
serverSSLContext=TLSv1.2
serverKeyFile=HTTPS_keystore.ks
serverKeyPass=123456
serverBacklog=0
# Values for serverKeyManagerFactory: PKIX, SunX509
serverKeyManagerFactory=SunX509
# Values for serverTrustManagerFactory: PKIX (X509 or SunPKIX), SunX509
serverTrustManagerFactory=SunX509
# Values for serverKeyStore: jceks, jks, pkcs12
serverKeyStore=JKS
# Cipher suite names separated by commas.
serverCiphersSuites=TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA

## Data Base Configuration
dbAddress=192.168.11.180
dbPort=6379
dbPassword=foobared

## IP White List file
whiteList=IP_whitelist.txt
```
HTTPS Server Configuration
- serverAddress: IP address on which KeyServer listens for incoming requests.
- serverPort: KeyServer listening port.
- serverBacklog: Maximum number of concurrent incoming connections (0 = system default).
SSL parameters
- serverKeyFile: Private key used for KeyServer https:// requests.
- serverKeyPass: Key used to load the private key.
- serverBacklog: This field defines the number of incoming parallel HTTPS connections that the KeyServer will accept. A value of 0 means that the KeyServer accepts the number of parallel connections specified by the operating system.
Data Base Configuration
- dbAddress: Redis database server IP.
- dbPort: Redis database port.
- dbPassword: This field is mandatory for security reasons. Make sure this password is the same as the one specified during the Redis database configuration process.
IP White List
- whiteList: File listing the IP addresses authorized to use this KeyServer. If this file is not present, all incoming IP connections will be processed.
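A pre-deployment check for a config built from this template, as an added example that is not part of the KeyServer project. It flags secrets left at the template values, weak protocol or cipher choices, and a missing whitelist file, which per the description above means every source IP is processed. The function names, the deprecated-protocol set and the weak-suite markers are assumptions chosen for this example.

```python
import os

# Constructed sample: a shortened copy of the template on this page.
SAMPLE = """\
## SSL parameters
serverSSLContext=TLSv1.2
serverKeyPass=123456
serverCiphersSuites=TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
dbPassword=foobared
whiteList=IP_whitelist.txt
"""

TEMPLATE_SECRETS = {"serverKeyPass": "123456", "dbPassword": "foobared"}
DEPRECATED_CONTEXTS = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}  # assumption
WEAK_SUITE_MARKERS = ("3DES", "RC4", "_NULL_", "EXPORT")  # assumption


def parse_properties(text):
    """Parse the key=value / '#' comment subset the template uses."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            props[key.strip()] = value.strip()
    return props


def audit(props, base_dir="."):
    """Return a list of findings for a parsed KeyServer config."""
    findings = []
    for key, template_value in TEMPLATE_SECRETS.items():
        value = props.get(key, "")
        if not value:
            findings.append(f"{key}: empty or missing")
        elif value == template_value:
            findings.append(f"{key}: still set to the template value")
    context = props.get("serverSSLContext", "")
    if context in DEPRECATED_CONTEXTS:
        findings.append(f"serverSSLContext: {context} is deprecated")
    for suite in props.get("serverCiphersSuites", "").split(","):
        suite = suite.strip()  # the template puts a space after each comma
        if any(marker in suite for marker in WEAK_SUITE_MARKERS):
            findings.append(f"serverCiphersSuites: weak suite {suite}")
    whitelist = props.get("whiteList", "")
    if not (whitelist and os.path.isfile(os.path.join(base_dir, whitelist))):
        findings.append("whiteList: file not found, every source IP is processed")
    return findings
```

Call `audit(parse_properties(text), base_dir)` with `base_dir` set to the directory the whitelist path is resolved against; an empty list means none of these checks fired.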