Configuration
Configuring your Virtual Signer
When using the docker.env approach we introduced in the Deployment guide, most of these settings may be defined in your docker.env file that is used by your Docker instance. Most of them are populated by defaults, but you may want to set your own values in some cases.
On changing a configuration item, please restart your Virtual Signer instances to make the changes take effect. When using docker-compose, you could run docker-compose restart to restart all services.
Contact your io.finnet representative for more information if you would like to understand more about these options.
| Configuration | Description |
|---|---|
PortEDG_VS_PortInteger | The TCP port opened by the Virtual Signer, part of the URL exposed for device registration. |
PrometheusPortEDG_VS_PrometheusPortString | The port that the Prometheus /metrics HTTP endpoint will be served on. See Deployment for more details on how monitoring a Virtual Signer works. |
BindingNetworkNameEDG_VS_BindingNetworkNameString | The network name or IP address bound within the local host for accepting POST requests for device registration. |
LogLevelEDG_VS_LogLevelString | The log level of the Virtual Signer. Valid values are "info" or "debug". |
APIBaseURLEDG_VS_APIBaseURLString | The URL of the io.vault or io.network API. This URL has a placeholder "%s", which the Virtual Signer replaces with a method name (e.g., "accessToken"). |
MQTTEndpointEDG_VS_MQTTEndpointString | The URL of the MQTT service for protocol messages exchanged among devices. |
MQTTCACertEDG_VS_MQTTCACertString | A MQTT certificate in string format. New lines must be represented as "\n". |
OrgIdEDG_VS_OrgIdString | Optional. The organization ID used when registering a device on launch. Required if InitialDevices is defined. |
InitialDevicesEDG_VS_INITIAL_DEVICESString | Optional. Comma-separated device names to be registered on launch. Requires OrgId. |
AuthClientIdEDG_VS_AuthClientIdString | The client ID used for authentication along with AuthClientSecret. |
AuthClientSecretEDG_VS_AuthClientSecretString | The client secret used for authentication with AuthClientId. |
GraphQLServiceEDG_VS_GraphQLServiceString | The URL of the GraphQL service. |
ExternalReshareApprovalURLEDG_VS_ExternalReshareApprovalURLString | The URL of a user API that approves or rejects reshare requests. Required if ApprovalMode="API". |
ExternalTransactionApprovalURLEDG_VS_ExternalTransactionApprovalURLString | The URL of a user API that approves or rejects transactions. Required if ApprovalMode="API". |
ApprovalHTTPPublicKeyHexEDG_VS_ApprovalHTTPPublicKeyHexString | The EdDSA P256 public key (hex-encoded) used to verify HTTP responses from the user API when ApprovalMode="API". |
PrivateKeyPathEDG_VS_PrivateKeyPathString | The secure directory where private keys of newly created devices are saved. |
PrivateKeyFileMaskEDG_VS_PrivateKeyFileMaskString | A file mask defining the filenames of private keys. Default: "%s_%s.key". |
PrivateSharePathEDG_VS_PrivateSharePathString | The secure directory where private shares of newly created devices are saved. |
PrivateShareEdDSAFileMaskEDG_VS_PrivateShareEdDSAFileMaskString | A file mask defining filenames for EdDSA private shares. Default: "%s.%s.share". |
SignerInputHashPathEDG_VS_SignerInputHashPathString | The secure directory where transaction input hashes are saved. |
RunningWithinSGXEDG_VS_RunningWithinSGXBoolean | true/false. If true, the Virtual Signer adds extra encryption for saved files. |
ApprovalModeEDG_VS_ApprovalModeString | Determines approval mechanism. Valid values: "API", "SmartContract", or "AlwaysApprove". |
ApprovalNodeRPCAddressEDG_VS_ApprovalNodeRPCAddressString | Required for "SmartContract" mode. RPC address of an Ethereum or io.network node. |
ApprovalSmartContractAddressEDG_VS_ApprovalSmartContractAddressString | Required for "SmartContract" mode. Smart contract address in hex ("0x...") that approves/rejects requests. |
EnvironmentEDG_VS_ENVString | Refers to an io.vault environment and defines the config file to use. Possible values: "dev", "pre", "staging". |
Updated 8 days ago