-
Notifications
You must be signed in to change notification settings - Fork 29
/
testconf-good.json
33 lines (33 loc) · 1.9 KB
/
testconf-good.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
{
"TLSClientAuthMode": 4,
"X509CACertLocation":"testdata/cacert.pem",
"Keys": [
{"Identifier": "key1", "KeyLabel": "foo", "KeyType": 3, "SignatureAlgo": 10, "SlotNumber": 1, "UserPinPath" : "/path/1", "X509CACertLocation": "/path/foo", "CreateCACertIfNotExist": true, "CommonName": "My CA", "OCSPServers": [], "CRLDistributionPoints": []},
{"Identifier": "key2", "KeyLabel": "bar", "KeyType": 1, "SignatureAlgo": 4, "SlotNumber": 2, "UserPinPath" : "/path/2", "OCSPServers": ["http://test.ocsp.com:8888"], "CRLDistributionPoints": ["http://test.crl.com:8889"]},
{"Identifier": "key3", "KeyLabel": "baz", "KeyType": 1, "SignatureAlgo": 4, "SlotNumber": 0, "TokenLabel": "foo", "UserPinPath" : "/path/3", "X509CACertLocation": "/path/baz", "OCSPServers": ["http://test1.ocsp.com:8888", "http://test2.ocsp.com:8888"], "CRLDistributionPoints": ["http://test1.crl.com:8889", "http://test2.crl.com:8889"]}
],
"KeyUsages": [
{"Endpoint": "/sig/x509-cert", "Identifiers": ["key1", "key3"], "MaxValidity": 3600, "PrioritySchedulingEnabled": true},
{"Endpoint": "/sig/ssh-host-cert", "Identifiers": ["key1", "key2"], "MaxValidity": 36000, "PrioritySchedulingEnabled": false},
{"Endpoint": "/sig/ssh-user-cert", "Identifiers": ["key3"], "MaxValidity": 36000, "PrioritySchedulingEnabled": false},
{"Endpoint": "/sig/blob", "Identifiers": ["key1"], "MaxValidity": 36000, "PrioritySchedulingEnabled": false}
],
"ShutdownOnInternalFailure": true,
"ShutdownOnInternalFailureCriteria": {
"ReportMode": true,
"ConsecutiveCountLimit": 3,
"TimerDurationSecond": 120,
"TimerCountLimit": 20
},
"IdleTimeout": 30,
"ReadTimeout": 10,
"WriteTimeout": 10,
"RequestTimeout": 15,
"OTel": {
"Enabled": true,
"OTELCollectorEndpoint": "http://localhost:4317",
"ClientCertPath": "/path/to/client/cert",
"ClientKeyPath": "/path/to/client/key",
"CACertPath": "/path/to/ca/cert"
}
}