Configuration
Configuring your Virtual Signer
When using the docker.env
approach we introduced in the Deployment guide, most of these settings may be defined in your docker.env
file that is used by your Docker instance. Most of them are populated by defaults, but you may want to set your own values in some cases.
On changing a configuration item, please restart your Virtual Signer instances to make the changes take effect. When using docker-compose, you could run docker-compose restart
to restart all services.
Contact your io.finnet representative for more information if you would like to understand more about these options.
Configuration | Description |
---|---|
Port
| The TCP port opened by the Virtual Signer, part of the URL exposed for device registration. |
PrometheusPort | The port that the Prometheus |
BindingNetworkName | The network name or IP address bound within the local host for accepting POST requests for device registration. |
LogLevel | The log level of the Virtual Signer. Valid values are |
APIBaseURL | The URL of the io.vault or io.network API. This URL has a placeholder |
MQTTEndpoint | The URL of the MQTT service for protocol messages exchanged among devices. |
MQTTCACert | A MQTT certificate in string format. New lines must be represented as |
OrgId | Optional. The organization ID used when registering a device on launch. Required if |
InitialDevices | Optional. Comma-separated device names to be registered on launch. Requires |
AuthClientId | The client ID used for authentication along with |
AuthClientSecret | The client secret used for authentication with |
GraphQLService | The URL of the GraphQL service. |
ExternalReshareApprovalURL | The URL of a user API that approves or rejects reshare requests. Required if |
ExternalTransactionApprovalURL | The URL of a user API that approves or rejects transactions. Required if |
ApprovalHTTPPublicKeyHex | The EdDSA P256 public key (hex-encoded) used to verify HTTP responses from the user API when |
PrivateKeyPath | The secure directory where private keys of newly created devices are saved. |
PrivateKeyFileMask | A file mask defining the filenames of private keys. Default: |
PrivateSharePath | The secure directory where private shares of newly created devices are saved. |
PrivateShareEdDSAFileMask | A file mask defining filenames for EdDSA private shares. Default: |
SignerInputHashPath | The secure directory where transaction input hashes are saved. |
RunningWithinSGX |
|
ApprovalMode | Determines approval mechanism. Valid values: |
ApprovalNodeRPCAddress | Required for |
ApprovalSmartContractAddress | Required for |
Environment | Refers to an io.vault environment and defines the config file to use. Possible values: |
Updated 11 days ago