eid-ops/eidas-qa-proxy/overlay/etc/eidas-proxy/se/cfg/application-se.properties

# Logging
logging.level.org.springframework.web=INFO

# Service path
server.servlet.context-path=/eidas-ps

#proxy-service.path.prefix=${spring.config.additional.location}..
#proxy-service.config.location=file://${spring.config.additional.location}

proxy-service.image.logo=${spring.config.additional.location}/img/idp-logo.svg
proxy-service.image.icon=${spring.config.additional.location}/img/idp-logo-notext.svg

# Service port connector settings
server.port=8443
#server.ssl.key-store=${proxy-service.path.prefix}/keystore/sslSnakeOil.p12
#server.ssl.key-store-type=PKCS12
#server.ssl.key-store-password=secret
#server.ssl.key-password=secret

tomcat.ajp.port=8009
tomcat.ajp.remoteauthentication=false
tomcat.ajp.enabled=true

# For development. Allowing signature check on metadata to be skipped. Default false.
#proxy-service.dev.ignoreMetadataSignCheck=true

# Initial delay in milliseconds (default 5000) and seconds between metadata configuration recache (default 240 sec).
#proxy-service.daemon.inital.delay.ms=5000
proxy-service.daemon.recache.delay.sec=240

# Location of other properties files (general-metadata.properties, psidp-metadata.properties and natsp-metadata.properties)
# Example specifying external location: 'proxy-service.config.location=file:///opt/webapp/eidas-ps/cfg/'
# Example specifying src/main/resources config location: 'classpath:'

proxy-service.country=SE

# Key Store properties
# Location can be specified as "classpath:" or as file path e.g "/opt/webapp/eidas-ps/keystore/keyStore.jks"
proxy-service.keySourceType=PKCS12
proxy-service.keySourceLocation=${proxy-service.path.prefix}/proxy.p12
proxy-service.keySourcePass=dummy
proxy-service.keySourceAlias=proxy

proxy-service.natsp.keySourceType=PKCS12
proxy-service.natsp.keySourceLocation=${proxy-service.path.prefix}/proxy.p12
proxy-service.natsp.keySourcePass=dummy
proxy-service.natsp.keySourceAlias=proxy

proxy-service.metadata.keySourceType=PKCS12
proxy-service.metadata.keySourceLocation=${proxy-service.path.prefix}/metadata.p12
proxy-service.metadata.keySourcePass=dummy
proxy-service.metadata.keySourceAlias=metadata

# Session Encryption properties
#proxy-service.cookieEncryptPw=changeme

# Requirements to show consent dialogue (Default false);
proxy-service.consent=true
proxy-service.consent.attributes=urn:oid:1.2.752.201.3.7,\
  urn:oid:2.5.4.4,\
  urn:oid:2.5.4.42,\
  urn:oid:1.3.6.1.5.5.7.9.3,\
  urn:oid:1.3.6.1.5.5.7.9.1
proxy-service.consent.valuetranslation=urn:oid:1.3.6.1.5.5.7.9.3

# Welcome page presentation text location
proxy-service.welcomepage.markdown=${proxy-service.path.prefix}/cfg/infotext.md

#Metadata Service List location specified as either URL (http or https), "file://" or "classpath:"
proxy-service.eidasMdListLocation=https://qa.md.eidas.swedenconnect.se/mdservicelist-aggregate.xml

# Optional certificate file for validating metadata service list file signatures
# If no certificate is specified then proxy-service.dev.ignoreMetadataSignCheck=true must be set
proxy-service.eidasMdListCertFile=${proxy-service.path.prefix}/cfg/metadata.crt

#Metadata location for aggregated metadata specified as either URL (http or https), "file://" or "classpath:"
proxy-service.eidasMetadataLocation=https://qa.md.eidas.swedenconnect.se/role/sp.xml

# Optional certificate file for validating metadata signatures
# If no certificate is specified then proxy-service.dev.ignoreMetadataSignCheck=true must be set
proxy-service.eidasMetadataCertFile=${proxy-service.path.prefix}/cfg/metadata.crt

# Optional cache dir for caching downloaded metadata. If not set, cache is stored in memory.
proxy-service.eidasMetadataCacheDirName=${proxy-service.path.prefix}/ps-mdcache

#Metadata location for national IdP metadata specified as either URL (http or https), "file://" or "classpath:"

#proxy-service.nationalMetadata.test.location=http://eid.svelegtest.se/metadata/mdx/role/idp.xml
#proxy-service.nationalMetadata.test.certFile=${proxy-service.path.prefix}/cfg/se-metadata-cert.crt
#proxy-service.nationalMetadata.test.cacheFile=${proxy-service.path.prefix}/cache/test-metadata.xml
#proxy-service.nationalMetadata.test.index=1

proxy-service.nationalMetadata.qa.location=https://qa.md.swedenconnect.se/role/idp.xml
proxy-service.nationalMetadata.qa.certFile=${proxy-service.path.prefix}/cfg/metadata.crt
proxy-service.nationalMetadata.qa.cacheFile=${proxy-service.path.prefix}/cache/qa-metadata.xml
proxy-service.nationalMetadata.qa.index=0

management.server.context-path=/manage
management.server.security.enabled=false
management.server.port=8444
management.server.ssl.enabled=true

proxy-service.syslog.enabled=true

# Override default signature algorithms
proxy-service.signature-algorithm=http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1
proxy-service.signature-algorithm.md=${proxy-service.signature-algorithm}
proxy-service.signature-algorithm.natsp=http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
proxy-service.signature-algorithm.natsp.md=${proxy-service.signature-algorithm.natsp}

#Private SP requests from other eIDAS countries
proxy-service.private-sp.enabled=true

#These configuration properties allow configuration of the HTTP client used to obtain metadata as well as for OpenID connect operations such as retrieving ID tokens and user-info tokens from the OP.
proxy-service.http.connect-timeout=1000
proxy-service.http.read-timeout=5000
se proxy config 2017-12-19 13:40:49 +01:00			`# Logging`
			`logging.level.org.springframework.web=INFO`

			`# Service path`
deploy ps 1.2.0 in qa 2018-12-11 13:33:46 +01:00			`server.servlet.context-path=/eidas-ps`
se proxy config 2017-12-19 13:40:49 +01:00
another fix 2018-12-11 14:20:52 +01:00			`#proxy-service.path.prefix=${spring.config.additional.location}..`
			`#proxy-service.config.location=file://${spring.config.additional.location}`
se proxy config 2017-12-19 13:40:49 +01:00
changing logo and icon of proxy in QA Ref: SC-1744 2023-08-30 14:39:38 +02:00			`proxy-service.image.logo=${spring.config.additional.location}/img/idp-logo.svg`
			`proxy-service.image.icon=${spring.config.additional.location}/img/idp-logo-notext.svg`
configure logo for PS 2018-10-15 16:11:55 +02:00
se proxy config 2017-12-19 13:40:49 +01:00			`# Service port connector settings`
			`server.port=8443`
			`#server.ssl.key-store=${proxy-service.path.prefix}/keystore/sslSnakeOil.p12`
			`#server.ssl.key-store-type=PKCS12`
			`#server.ssl.key-store-password=secret`
			`#server.ssl.key-password=secret`

			`tomcat.ajp.port=8009`
			`tomcat.ajp.remoteauthentication=false`
			`tomcat.ajp.enabled=true`

			`# For development. Allowing signature check on metadata to be skipped. Default false.`
			`#proxy-service.dev.ignoreMetadataSignCheck=true`

			`# Initial delay in milliseconds (default 5000) and seconds between metadata configuration recache (default 240 sec).`
			`#proxy-service.daemon.inital.delay.ms=5000`
			`proxy-service.daemon.recache.delay.sec=240`

			`# Location of other properties files (general-metadata.properties, psidp-metadata.properties and natsp-metadata.properties)`
			`# Example specifying external location: 'proxy-service.config.location=file:///opt/webapp/eidas-ps/cfg/'`
			`# Example specifying src/main/resources config location: 'classpath:'`

set country to SE 2017-12-31 14:05:43 +01:00			`proxy-service.country=SE`
se proxy config 2017-12-19 13:40:49 +01:00
			`# Key Store properties`
			`# Location can be specified as "classpath:" or as file path e.g "/opt/webapp/eidas-ps/keystore/keyStore.jks"`
			`proxy-service.keySourceType=PKCS12`
			`proxy-service.keySourceLocation=${proxy-service.path.prefix}/proxy.p12`
			`proxy-service.keySourcePass=dummy`
			`proxy-service.keySourceAlias=proxy`

			`proxy-service.natsp.keySourceType=PKCS12`
			`proxy-service.natsp.keySourceLocation=${proxy-service.path.prefix}/proxy.p12`
			`proxy-service.natsp.keySourcePass=dummy`
			`proxy-service.natsp.keySourceAlias=proxy`

			`proxy-service.metadata.keySourceType=PKCS12`
			`proxy-service.metadata.keySourceLocation=${proxy-service.path.prefix}/metadata.p12`
			`proxy-service.metadata.keySourcePass=dummy`
wrong alias 2017-12-30 17:32:47 +01:00			`proxy-service.metadata.keySourceAlias=metadata`
se proxy config 2017-12-19 13:40:49 +01:00
			`# Session Encryption properties`
			`#proxy-service.cookieEncryptPw=changeme`

			`# Requirements to show consent dialogue (Default false);`
			`proxy-service.consent=true`
			`proxy-service.consent.attributes=urn:oid:1.2.752.201.3.7,\`
			`urn:oid:2.5.4.4,\`
			`urn:oid:2.5.4.42,\`
			`urn:oid:1.3.6.1.5.5.7.9.3,\`
			`urn:oid:1.3.6.1.5.5.7.9.1`
			`proxy-service.consent.valuetranslation=urn:oid:1.3.6.1.5.5.7.9.3`

			`# Welcome page presentation text location`
			`proxy-service.welcomepage.markdown=${proxy-service.path.prefix}/cfg/infotext.md`

			`#Metadata Service List location specified as either URL (http or https), "file://" or "classpath:"`
deploy proxy ver 1.0.12 2018-03-16 09:33:04 +01:00			`proxy-service.eidasMdListLocation=https://qa.md.eidas.swedenconnect.se/mdservicelist-aggregate.xml`
se proxy config 2017-12-19 13:40:49 +01:00
			`# Optional certificate file for validating metadata service list file signatures`
			`# If no certificate is specified then proxy-service.dev.ignoreMetadataSignCheck=true must be set`
deploy proxy ver 1.0.12 2018-03-16 09:33:04 +01:00			`proxy-service.eidasMdListCertFile=${proxy-service.path.prefix}/cfg/metadata.crt`
se proxy config 2017-12-19 13:40:49 +01:00
			`#Metadata location for aggregated metadata specified as either URL (http or https), "file://" or "classpath:"`
deploy proxy ver 1.0.12 2018-03-16 09:33:04 +01:00			`proxy-service.eidasMetadataLocation=https://qa.md.eidas.swedenconnect.se/role/sp.xml`
se proxy config 2017-12-19 13:40:49 +01:00
			`# Optional certificate file for validating metadata signatures`
			`# If no certificate is specified then proxy-service.dev.ignoreMetadataSignCheck=true must be set`
deploy proxy ver 1.0.12 2018-03-16 09:33:04 +01:00			`proxy-service.eidasMetadataCertFile=${proxy-service.path.prefix}/cfg/metadata.crt`
se proxy config 2017-12-19 13:40:49 +01:00
			`# Optional cache dir for caching downloaded metadata. If not set, cache is stored in memory.`
			`proxy-service.eidasMetadataCacheDirName=${proxy-service.path.prefix}/ps-mdcache`

			`#Metadata location for national IdP metadata specified as either URL (http or https), "file://" or "classpath:"`

disconnect test from qa 2018-09-03 15:31:56 +02:00			`#proxy-service.nationalMetadata.test.location=http://eid.svelegtest.se/metadata/mdx/role/idp.xml`
			`#proxy-service.nationalMetadata.test.certFile=${proxy-service.path.prefix}/cfg/se-metadata-cert.crt`
			`#proxy-service.nationalMetadata.test.cacheFile=${proxy-service.path.prefix}/cache/test-metadata.xml`
			`#proxy-service.nationalMetadata.test.index=1`
se proxy config 2017-12-19 13:40:49 +01:00
deploy proxy ver 1.0.12 2018-03-16 09:33:04 +01:00			`proxy-service.nationalMetadata.qa.location=https://qa.md.swedenconnect.se/role/idp.xml`
rollback 2018-04-09 13:36:02 +02:00			`proxy-service.nationalMetadata.qa.certFile=${proxy-service.path.prefix}/cfg/metadata.crt`
			`proxy-service.nationalMetadata.qa.cacheFile=${proxy-service.path.prefix}/cache/qa-metadata.xml`
deploy proxy ver 1.0.12 2018-03-16 09:33:04 +01:00			`proxy-service.nationalMetadata.qa.index=0`
turn on mgmt on 8444 2018-02-13 12:14:41 +01:00
deploy ps 1.2.0 in qa 2018-12-11 13:33:46 +01:00			`management.server.context-path=/manage`
			`management.server.security.enabled=false`
			`management.server.port=8444`
			`management.server.ssl.enabled=true`
proxy syslog cfg 2018-09-21 23:02:23 +02:00
client syslog 2018-09-24 09:45:39 +02:00			`proxy-service.syslog.enabled=true`
config updatering av proxy service i QA för att köra RSA-PSS (SC-93) 2020-11-11 09:41:16 +01:00
			`# Override default signature algorithms`
			`proxy-service.signature-algorithm=http://www.w3.org/2007/05/xmldsig-more#sha256-rsa-MGF1`
			`proxy-service.signature-algorithm.md=${proxy-service.signature-algorithm}`
			`proxy-service.signature-algorithm.natsp=http://www.w3.org/2001/04/xmldsig-more#rsa-sha256`
			`proxy-service.signature-algorithm.natsp.md=${proxy-service.signature-algorithm.natsp}`
Update and upgrade Proxy in QA Ref SC-543 2022-01-18 16:29:08 +01:00
			`#Private SP requests from other eIDAS countries`
			`proxy-service.private-sp.enabled=true`
updated proxy in QA ref: SC-2287 2024-05-27 22:51:30 +02:00
			`#These configuration properties allow configuration of the HTTP client used to obtain metadata as well as for OpenID connect operations such as retrieving ID tokens and user-info tokens from the OP.`
			`proxy-service.http.connect-timeout=1000`
			`proxy-service.http.read-timeout=5000`