eid-ops/eidas-proxy-common/overlay/etc/eidas-proxy/se/cfg/application-se.properties

# Logging
logging.level.org.springframework.web=INFO

# Service path
server.servlet.context-path=/eidas-ps

#proxy-service.path.prefix=${spring.config.additional.location}..
#proxy-service.config.location=file://${spring.config.additional.location}

proxy-service.image.logo=${spring.config.additional.location}/img/sweden-connect-color-yellow-on-blue.svg
proxy-service.image.icon=${spring.config.additional.location}/img/sweden-connect-color-yellow-on-blue-no-text.svg

# Service port connector settings
server.port=8443
#server.ssl.key-store=${proxy-service.path.prefix}/keystore/sslSnakeOil.p12
#server.ssl.key-store-type=PKCS12
#server.ssl.key-store-password=secret
#server.ssl.key-password=secret

tomcat.ajp.port=8009
tomcat.ajp.remoteauthentication=false
tomcat.ajp.enabled=true

# For development. Allowing signature check on metadata to be skipped. Default false.
#proxy-service.dev.ignoreMetadataSignCheck=true

# Initial delay in milliseconds (default 5000) and seconds between metadata configuration recache (default 240 sec).
#proxy-service.daemon.inital.delay.ms=5000
proxy-service.daemon.recache.delay.sec=240

# Location of other properties files (general-metadata.properties, psidp-metadata.properties and natsp-metadata.properties)
# Example specifying external location: 'proxy-service.config.location=file:///opt/webapp/eidas-ps/cfg/'
# Example specifying src/main/resources config location: 'classpath:'

proxy-service.country=SE

# Key Store properties
# Location can be specified as "classpath:" or as file path e.g "/opt/webapp/eidas-ps/keystore/keyStore.jks"

proxy-service.pkcs11.external-config-locations=${spring.config.location}/pkcs11.cfg
proxy-service.pkcs11.reloadable-keys=false

proxy-service.keySourceType=PKCS11
proxy-service.keySourcePass=${proxy-service.pkcs11.pin}
proxy-service.keySourceAlias=sc_eidas_sign
proxy-service.keySourceCertLocation=${spring.config.location}/sign.crt

proxy-service.encryption.keySourceType=PKCS11
proxy-service.encryption.keySourcePass=${proxy-service.pkcs11.pin}
proxy-service.encryption.keySourceAlias=sc_eidas_encrypt
proxy-service.encryption.keySourceCertLocation=${spring.config.location}/enc.crt

proxy-service.metadata.keySourceType=PKCS11
proxy-service.metadata.keySourcePass=${proxy-service.pkcs11.pin}
proxy-service.metadata.keySourceAlias=swedenconnect
proxy-service.metadata.keySourceCertLocation=${spring.config.location}/swedenconnect-signer.crt

# Session Encryption properties
#proxy-service.cookieEncryptPw=changeme

# Requirements to show consent dialogue (Default false);
proxy-service.consent=true
proxy-service.consent.attributes=urn:oid:1.2.752.201.3.7,\
  urn:oid:2.5.4.4,\
  urn:oid:2.5.4.42,\
  urn:oid:1.3.6.1.5.5.7.9.3,\
  urn:oid:1.3.6.1.5.5.7.9.1
proxy-service.consent.valuetranslation=urn:oid:1.3.6.1.5.5.7.9.3

# Welcome page presentation text location
proxy-service.welcomepage.markdown=${proxy-service.path.prefix}/cfg/infotext.md

#Metadata Service List location specified as either URL (http or https), "file://" or "classpath:"
proxy-service.eidasMdListLocation=https://md.eidas.swedenconnect.se/mdservicelist-aggregate.xml

# Optional certificate file for validating metadata service list file signatures
# If no certificate is specified then proxy-service.dev.ignoreMetadataSignCheck=true must be set
proxy-service.eidasMdListCertFile=${proxy-service.path.prefix}/cfg/swedenconnect-signer.crt

#Metadata location for aggregated metadata specified as either URL (http or https), "file://" or "classpath:"
proxy-service.eidasMetadataLocation=https://md.eidas.swedenconnect.se/entities

# Optional certificate file for validating metadata signatures
# If no certificate is specified then proxy-service.dev.ignoreMetadataSignCheck=true must be set
proxy-service.eidasMetadataCertFile=${proxy-service.path.prefix}/cfg/swedenconnect-signer.crt

# Optional cache dir for caching downloaded metadata. If not set, cache is stored in memory.
proxy-service.eidasMetadataCacheDirName=${proxy-service.path.prefix}/ps-mdcache

#Metadata location for national IdP metadata specified as either URL (http or https), "file://" or "classpath:"

proxy-service.nationalMetadata.prod.location=https://md.swedenconnect.se/role/idp.xml
proxy-service.nationalMetadata.prod.certFile=${proxy-service.path.prefix}/cfg/swedenconnect-signer.crt
proxy-service.nationalMetadata.prod.cacheFile=${proxy-service.path.prefix}/cache/prod-metadata.xml
proxy-service.nationalMetadata.prod.index=0

management.server.context-path=/manage
management.server.security.enabled=false
management.server.port=8444
management.server.ssl.enabled=true

proxy-service.syslog.enabled=true
created eidas-connector-common and eidas-proxy-common 2018-05-24 10:29:44 +02:00			`# Logging`
			`logging.level.org.springframework.web=INFO`

			`# Service path`
fix for 1.3.4 upgrade 2020-06-01 11:24:40 +02:00			`server.servlet.context-path=/eidas-ps`
created eidas-connector-common and eidas-proxy-common 2018-05-24 10:29:44 +02:00
fix for 1.3.4 upgrade 2020-06-01 11:24:40 +02:00			`#proxy-service.path.prefix=${spring.config.additional.location}..`
			`#proxy-service.config.location=file://${spring.config.additional.location}`
created eidas-connector-common and eidas-proxy-common 2018-05-24 10:29:44 +02:00
fix for 1.3.4 upgrade 2020-06-01 11:24:40 +02:00			`proxy-service.image.logo=${spring.config.additional.location}/img/sweden-connect-color-yellow-on-blue.svg`
			`proxy-service.image.icon=${spring.config.additional.location}/img/sweden-connect-color-yellow-on-blue-no-text.svg`
Upgrade proxy to 1.1.15 in production and connector to 1.5.0. 2018-11-26 15:53:29 +01:00
created eidas-connector-common and eidas-proxy-common 2018-05-24 10:29:44 +02:00			`# Service port connector settings`
			`server.port=8443`
			`#server.ssl.key-store=${proxy-service.path.prefix}/keystore/sslSnakeOil.p12`
			`#server.ssl.key-store-type=PKCS12`
			`#server.ssl.key-store-password=secret`
			`#server.ssl.key-password=secret`

			`tomcat.ajp.port=8009`
			`tomcat.ajp.remoteauthentication=false`
			`tomcat.ajp.enabled=true`

			`# For development. Allowing signature check on metadata to be skipped. Default false.`
			`#proxy-service.dev.ignoreMetadataSignCheck=true`

			`# Initial delay in milliseconds (default 5000) and seconds between metadata configuration recache (default 240 sec).`
			`#proxy-service.daemon.inital.delay.ms=5000`
			`proxy-service.daemon.recache.delay.sec=240`

			`# Location of other properties files (general-metadata.properties, psidp-metadata.properties and natsp-metadata.properties)`
			`# Example specifying external location: 'proxy-service.config.location=file:///opt/webapp/eidas-ps/cfg/'`
			`# Example specifying src/main/resources config location: 'classpath:'`

			`proxy-service.country=SE`

			`# Key Store properties`
			`# Location can be specified as "classpath:" or as file path e.g "/opt/webapp/eidas-ps/keystore/keyStore.jks"`
switch to pkcs11 keys 2018-09-20 15:21:55 +02:00
correct pkcs11 location prefix 2018-09-20 15:46:48 +02:00			`proxy-service.pkcs11.external-config-locations=${spring.config.location}/pkcs11.cfg`
reset prod config 2018-09-20 23:00:39 +02:00			`proxy-service.pkcs11.reloadable-keys=false`
switch to pkcs11 keys 2018-09-20 15:21:55 +02:00
			`proxy-service.keySourceType=PKCS11`
			`proxy-service.keySourcePass=${proxy-service.pkcs11.pin}`
			`proxy-service.keySourceAlias=sc_eidas_sign`
fix cert locations 2018-09-20 22:24:30 +02:00			`proxy-service.keySourceCertLocation=${spring.config.location}/sign.crt`
switch to pkcs11 keys 2018-09-20 15:21:55 +02:00
			`proxy-service.encryption.keySourceType=PKCS11`
			`proxy-service.encryption.keySourcePass=${proxy-service.pkcs11.pin}`
			`proxy-service.encryption.keySourceAlias=sc_eidas_encrypt`
correct cert paths 2018-09-20 22:38:06 +02:00			`proxy-service.encryption.keySourceCertLocation=${spring.config.location}/enc.crt`
switch to pkcs11 keys 2018-09-20 15:21:55 +02:00
			`proxy-service.metadata.keySourceType=PKCS11`
			`proxy-service.metadata.keySourcePass=${proxy-service.pkcs11.pin}`
			`proxy-service.metadata.keySourceAlias=swedenconnect`
correct cert paths 2018-09-20 22:38:06 +02:00			`proxy-service.metadata.keySourceCertLocation=${spring.config.location}/swedenconnect-signer.crt`
created eidas-connector-common and eidas-proxy-common 2018-05-24 10:29:44 +02:00
			`# Session Encryption properties`
			`#proxy-service.cookieEncryptPw=changeme`

			`# Requirements to show consent dialogue (Default false);`
			`proxy-service.consent=true`
			`proxy-service.consent.attributes=urn:oid:1.2.752.201.3.7,\`
			`urn:oid:2.5.4.4,\`
			`urn:oid:2.5.4.42,\`
			`urn:oid:1.3.6.1.5.5.7.9.3,\`
			`urn:oid:1.3.6.1.5.5.7.9.1`
			`proxy-service.consent.valuetranslation=urn:oid:1.3.6.1.5.5.7.9.3`

			`# Welcome page presentation text location`
			`proxy-service.welcomepage.markdown=${proxy-service.path.prefix}/cfg/infotext.md`

			`#Metadata Service List location specified as either URL (http or https), "file://" or "classpath:"`
reset prod config 2018-09-20 23:00:39 +02:00			`proxy-service.eidasMdListLocation=https://md.eidas.swedenconnect.se/mdservicelist-aggregate.xml`
created eidas-connector-common and eidas-proxy-common 2018-05-24 10:29:44 +02:00
			`# Optional certificate file for validating metadata service list file signatures`
			`# If no certificate is specified then proxy-service.dev.ignoreMetadataSignCheck=true must be set`
correct signing cert 2018-09-25 08:33:00 +02:00			`proxy-service.eidasMdListCertFile=${proxy-service.path.prefix}/cfg/swedenconnect-signer.crt`
created eidas-connector-common and eidas-proxy-common 2018-05-24 10:29:44 +02:00
			`#Metadata location for aggregated metadata specified as either URL (http or https), "file://" or "classpath:"`
load more entities 2018-09-25 08:42:45 +02:00			`proxy-service.eidasMetadataLocation=https://md.eidas.swedenconnect.se/entities`
created eidas-connector-common and eidas-proxy-common 2018-05-24 10:29:44 +02:00
			`# Optional certificate file for validating metadata signatures`
			`# If no certificate is specified then proxy-service.dev.ignoreMetadataSignCheck=true must be set`
reset prod config 2018-09-20 23:00:39 +02:00			`proxy-service.eidasMetadataCertFile=${proxy-service.path.prefix}/cfg/swedenconnect-signer.crt`
created eidas-connector-common and eidas-proxy-common 2018-05-24 10:29:44 +02:00
			`# Optional cache dir for caching downloaded metadata. If not set, cache is stored in memory.`
			`proxy-service.eidasMetadataCacheDirName=${proxy-service.path.prefix}/ps-mdcache`

			`#Metadata location for national IdP metadata specified as either URL (http or https), "file://" or "classpath:"`

reset prod config 2018-09-20 23:00:39 +02:00			`proxy-service.nationalMetadata.prod.location=https://md.swedenconnect.se/role/idp.xml`
			`proxy-service.nationalMetadata.prod.certFile=${proxy-service.path.prefix}/cfg/swedenconnect-signer.crt`
			`proxy-service.nationalMetadata.prod.cacheFile=${proxy-service.path.prefix}/cache/prod-metadata.xml`
			`proxy-service.nationalMetadata.prod.index=0`
created eidas-connector-common and eidas-proxy-common 2018-05-24 10:29:44 +02:00
fix for 1.3.4 upgrade 2020-06-01 11:24:40 +02:00			`management.server.context-path=/manage`
			`management.server.security.enabled=false`
			`management.server.port=8444`
			`management.server.ssl.enabled=true`
proxy syslog cfg 2018-09-21 23:02:23 +02:00
client syslog 2018-09-24 09:45:39 +02:00			`proxy-service.syslog.enabled=true`