Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[EDGNCIP-27] - Enhance HTTP Endpoint Security with TLS and FIPS-140-2… #42

Merged
merged 10 commits into from
May 27, 2024
Merged

[EDGNCIP-27] - Enhance HTTP Endpoint Security with TLS and FIPS-140-2… #42

Changes from 1 commit
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
c056384
[EDGNCIP-27] - Enhance HTTP Endpoint Security with TLS and FIPS-140-2…
azizbekxm May 23, 2024
29eb5f7
fixed format style
azizbekxm May 23, 2024
e40d1ff
Update README.md
azizbekxm May 24, 2024
fbbb51b
Update README.md
azizbekxm May 24, 2024
e678e7e
Update README.md
azizbekxm May 24, 2024
51e2925
Update README.md
azizbekxm May 24, 2024
96e6180
Update README.md
azizbekxm May 24, 2024
019271e
Update README.md
azizbekxm May 24, 2024
8a6cd08
Update edge-common version
azizbekxm May 24, 2024
5b6535e
[EDGNCIP-27]. Bump Vert.x version
BKadirkhodjaev May 24, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
27 changes: 14 additions & 13 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,31 +54,32 @@ Configuration information is specified in two forms:
| `request_timeout_ms` | `30000` | Request Timeout |
| `api_key_sources` | `PARAM,HEADER,PATH` | Defines the sources (order of precedence) of the API key. |

### System Properties for TLS configuration for Http server
### Env variables for TLS configuration for Http server

To configure Transport Layer Security (TLS) for the HTTP server in an edge module, the following configuration
parameters should be used.
Parameters marked as Required are required only in case when ssl_enabled is set to true.

| Property | Default | Description |
|------------------------------------------------------|---------|---------------------------------------------------------------------------------------------|
| `SPRING_SSL_BUNDLE_JKS_WEB_SERVER_KEYSTORE_TYPE` | `NA` | (Required). Set the type of the keystore. Common types include `JKS`, `PKCS12`, and `BCFKS` |
| `SPRING_SSL_BUNDLE_JKS_WEB_SERVER_KEYSTORE_PATH` | `NA` | (Required). Set the location of the keystore file in the local file system |
| `SPRING_SSL_BUNDLE_JKS_WEB_SERVER_KEYSTORE_PASSWORD` | `NA` | (Required). Set the password for the keystore |
| Property | Default | Description |
|-----------------------------------------|-------------------|----------------------------------------------------------------------------------|
| `FOLIO_CLIENT_TLS_ENABLED` | `false` | Set whether SSL/TLS is enabled for Vertx Http Server |
| `FOLIO_CLIENT_TLS_TRUSTSTORETYPE` | `NA` | Set the type of the keystore. Common types include `JKS`, `PKCS12`, and `BCFKS` |
| `FOLIO_CLIENT_TLS_TRUSTSTOREPATH` | `NA` | Set the location of the keystore file in the local file system |
| `FOLIO_CLIENT_TLS_TRUSTSTOREPASSWORD` | `NA` | Set the password for the keystore |
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

here should be server related properties


### System Properties for TLS configuration for Web Client
### Env variables for TLS configuration for Web Client

To configure Transport Layer Security (TLS) for Web clients in the edge module, you can use the following configuration
parameters.
Truststore parameters for configuring Web clients are optional even when ssl_enabled = true.
If truststore parameters need to be populated, truststore_type, truststore_path and truststore_password are required.

| Property | Default | Description |
|-----------------------------------------|---------|---------------------------------------------------------------------------------|
| `FOLIO_CLIENT_TLS_ENABLED` | `false` | Set whether SSL/TLS is enabled for Vertx Http Server |
| `FOLIO_CLIENT_TLS_TRUST_STORE_TYPE` | `NA` | Set the type of the keystore. Common types include `JKS`, `PKCS12`, and `BCFKS` |
| `FOLIO_CLIENT_TLS_TRUST_STORE_PATH` | `NA` | Set the location of the keystore file in the local file system |
| `FOLIO_CLIENT_TLS_TRUST_STORE_PASSWORD` | `NA` | Set the password for the keystore |
| Property | Default | Description |
|-----------------------------------------|-------------------|----------------------------------------------------------------------------------|
| `FOLIO_CLIENT_TLS_ENABLED` | `false` | Set whether SSL/TLS is enabled for Vertx Http Server |
| `FOLIO_CLIENT_TLS_TRUSTSTORETYPE` | `NA` | Set the type of the keystore. Common types include `JKS`, `PKCS12`, and `BCFKS` |
| `FOLIO_CLIENT_TLS_TRUSTSTOREPATH` | `NA` | Set the location of the keystore file in the local file system |
| `FOLIO_CLIENT_TLS_TRUSTSTOREPASSWORD` | `NA` | Set the password for the keystore |

## Additional information

Expand Down