Configuration
Info
From version 4.13.0 of the HSM, configuration via the configuration file Configuration.ND has been discontinued.
The JCA/JCE CSP of Dinamo is a layer above the native API of Dinamo. See the topic Environment variables for client library configuration options.
The Dinamo JCA/JCE can be configured in the following ways (in order):
- System properties;
- System properties file;
- Environment variables;
- Windows Credential Manager.
The loading of information follows the order of priority above. For example, if there is a setting in an environment variable and there is also the same setting made via system properties, the setting made in the system property will take precedence.
Settings
Configuration file
Defines the full path of the configuration file, which is a system properties file. Defining this file is optional. In it, the settings must be entered as system properties.
Example file:
dinamo.hsm.jca.ip=127.0.0.1
dinamo.hsm.jca.user=master
dinamo.hsm.jca.pwd=12345678
Type | Key |
---|---|
System property | dinamo.hsm.config.file |
Environment variable | HSM_JCA_CONFIG_FILE |
IP address
HSM address.
Optional if load balancing is enabled.
Type | Key |
---|---|
System property | dinamo.hsm.jca.ip |
Environment variable | HSM_JCA_IP |
Windows Credential Manager | Target |
User
HSM user name.
Optional if using access tokens or Windows Credential.
Type | Key |
---|---|
System property | dinamo.hsm.jca.user |
Environment variable | HSM_JCA_USER |
Windows Credential Manager | User Name |
Password
User password.
Optional if using access tokens or Windows Credential.
Type | Key |
---|---|
System property | dinamo.hsm.jca.pwd |
Environment variable | HSM_JCA_PWD |
Windows Credential Manager | Password |
Access Token
HSM access token. Must be entered in Base64.
Makes user and password unnecessary.
Type | Key |
---|---|
System property | dinamo.hsm.jca.atoken |
Environment variable | HSM_JCA_ATOKEN |
Ignores balancing
Bypasses load balancing and makes ip mandatory.
Type | Key |
---|---|
System property | dinamo.hsm.jca.bypass.lb |
Environment variable | HSM_JCA_BYPASS_LB |
Accepts the values true or false.
If not entered, the default is false.
Log Level
JCA log level.
Type | Key |
---|---|
System property | dinamo.hsm.jca.log.level |
Environment variable | HSM_JCA_LOG_LEVEL |
Possible values:
Type | Value |
---|---|
Disabled | 0 |
Info | 1 |
Warning | 2 |
Error | 3 |
Debug | 4 |
If not entered, the default value is 0.
Log file
Path to the log file, including file name.
Type | Key |
---|---|
System property | dinamo.hsm.jca.log.path |
Environment variable | HSM_JCA_LOG_PATH |
If not entered, the default value is DinamoJCA.log.
Disable TLS
Disables the TLS encrypted connection.
Danger
Use only for specific debugging cases. Some operations may not work with this option enabled.
Type | Key |
---|---|
System property | dinamo.hsm.jca.disable.tls |
Environment variable | HSM_JCA_DISABLE_TLS |
Accepts the values true or false.
If not entered, the default is false.
Exportable Keys
Symmetric
Create symmetric keys as exportable.
Type | Key |
---|---|
System property | dinamo.hsm.jca.exportable.symkey |
Environment variable | HSM_JCA_EXPORTABLE_SYMKEY |
Accepts the values true or false.
If not entered, the default is true.
Asymmetric
Create asymmetric keys as exportable.
Type | Key |
---|---|
System property | dinamo.hsm.jca.exportable.asymkey |
Environment variable | HSM_JCA_EXPORTABLE_ASYMKEY |
Accepts the values true or false.
If not entered, the default is false.
System Properties
They can be defined as settings, parameters, programmatically or in any other available way.
Example:
java -D"dinamo.hsm.jca.ip=127.0.0.1" -D"dinamo.hsm.jca.user=master" -D"dinamo.hsm.jca.pwd=12345678" -jar app.jar
Properties file
Specify the configuration file via a system property or an environment variable.
Example file:
dinamo.hsm.jca.ip=127.0.0.1
dinamo.hsm.jca.user=master
dinamo.hsm.jca.pwd=12345678
Example call:
java -D"dinamo.hsm.config.file=conf.properties" -jar app.jar
Environment variables
Set according to the operating system.
Example:
export HSM_JCA_IP="127.0.0.1"
export HSM_JCA_USER="master"
export HSM_JCA_PWD="12345678"
Credential Manager
Windows credentials can be used and are last in the order of precedence.
This credential will be used when the Address is configured (system properties, environment variables or configuration file) in the JCA and the user and password are not.
Using the Windows Credential Manager in the Windows Credentials option, you can create a generic credential.
This generic credential must have the HSM's IP as its address and the user and password defined in the corresponding fields.
In the JCA settings, you must enter the IP address of the HSM and this will be used to find the credential in the Windows Credential Manager.
Example configuration:
export HSM_JCA_IP="127.0.0.1"
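To see which source supplies each setting before deploying, the following added example (not Dinamo code and not part of the original page) emulates the lookup order documented above and warns when TLS is disabled or keys would be created exportable. The class name DinamoJcaConfigAudit and the resolve helper are hypothetical; the keys and defaults are copied from the tables on this page, it assumes the library resolves settings exactly in the documented order, and the Windows Credential Manager is not checked.

```java
import java.io.*;
import java.nio.file.*;
import java.util.*;

// Added example (not Dinamo code): emulates the documented lookup order
// system property -> properties file -> environment variable, and warns
// about risky effective values. Windows Credential Manager is not checked.
public class DinamoJcaConfigAudit {
    // Property / environment-variable pairs copied from the tables on this page.
    static final String[][] KEYS = {
        {"dinamo.hsm.jca.ip", "HSM_JCA_IP"},
        {"dinamo.hsm.jca.user", "HSM_JCA_USER"},
        {"dinamo.hsm.jca.pwd", "HSM_JCA_PWD"},
        {"dinamo.hsm.jca.atoken", "HSM_JCA_ATOKEN"},
        {"dinamo.hsm.jca.disable.tls", "HSM_JCA_DISABLE_TLS"},
        {"dinamo.hsm.jca.exportable.symkey", "HSM_JCA_EXPORTABLE_SYMKEY"},
        {"dinamo.hsm.jca.exportable.asymkey", "HSM_JCA_EXPORTABLE_ASYMKEY"},
    };

    // Returns {value, source}, or null when no layer sets the key.
    static String[] resolve(String prop, String envKey, Properties sys,
                            Properties file, Map<String, String> env) {
        if (sys.getProperty(prop) != null) return new String[] {sys.getProperty(prop), "system property"};
        if (file.getProperty(prop) != null) return new String[] {file.getProperty(prop), "properties file"};
        if (env.get(envKey) != null) return new String[] {env.get(envKey), "environment variable"};
        return null;
    }

    public static void main(String[] args) throws IOException {
        Properties sys = System.getProperties();
        Map<String, String> env = System.getenv();
        Properties file = new Properties();
        // The file path itself comes from a system property or an environment variable.
        String path = sys.getProperty("dinamo.hsm.config.file", env.get("HSM_JCA_CONFIG_FILE"));
        if (path != null) try (Reader r = Files.newBufferedReader(Paths.get(path))) { file.load(r); }
        for (String[] k : KEYS) {
            String[] hit = resolve(k[0], k[1], sys, file, env);
            boolean secret = k[0].endsWith(".pwd") || k[0].endsWith(".atoken");
            String shown = hit == null ? "(unset, default applies)" : secret ? "<redacted>" : hit[0];
            System.out.println(k[0] + " = " + shown + (hit == null ? "" : "  [" + hit[1] + "]"));
            // Effective boolean: explicit value, else the default stated on this page
            // (true for exportable.symkey, false for the other boolean keys).
            String eff = hit != null ? hit[0] : k[0].endsWith("symkey") ? "true" : "false";
            if (k[0].endsWith("disable.tls") && eff.equalsIgnoreCase("true"))
                System.out.println("  WARNING: TLS to the HSM is disabled");
            if (k[0].contains("exportable") && eff.equalsIgnoreCase("true"))
                System.out.println("  WARNING: keys of this type are created exportable");
        }
    }
}
```

Run it with the same -D options and environment variables as the application; with nothing set, it still reports the symmetric-key warning because that default is true.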