You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
-**Description:** A cipher key used to encrypt and decrypt the HMAC secret keys of client entities. This is used only when `scalar.dl.auditor.authentication.method` is set to "hmac".
191
+
-**Description:** A cipher key used to encrypt and decrypt the HMAC secret keys of client entities. This is used only when `scalar.dl.auditor.authentication.method` is set to `hmac`.
-**Description:** The authentication method for a client and Auditor servers. This must be consistent with the client configuration.
197
+
-**Description:** The authentication method for clients and Auditor servers. `digital-signature` or `hmac` can be specified. This must be consistent with the Ledger configuration.
198
198
-**Default value:**`digital-signature` (Optional)
199
199
200
200
### `authorization.credential`
@@ -203,12 +203,72 @@ You can configure several settings for the Auditor server, such as service port
203
203
-**Description:** An authorization credential (e.g., Bearer token).
204
204
-**Default value:** empty (Optional)
205
205
206
+
### `cert_holder_id` (Deprecated)
207
+
208
+
-**Field:**`scalar.dl.auditor.cert_holder_id`
209
+
-**Description:** The holder ID of a certificate. This field is used to identify the certificate holder for the Auditor.
210
+
-**Default value:**`auditor`
211
+
212
+
:::note
213
+
214
+
This configuration is deprecated and will be deleted in release 5.0.0 since Ledger-Auditor authentication will use HMAC only. For more details about authentication, see the [ScalarDL Authentication Guide](./authentication.mdx).
215
+
216
+
:::
217
+
218
+
### `cert_version` (Deprecated)
219
+
220
+
-**Field:**`scalar.dl.auditor.cert_version`
221
+
-**Description:** The version of the certificate. This field specifies the version of the Auditor certificate.
222
+
-**Default value:**`1`
223
+
224
+
:::note
225
+
226
+
This configuration is deprecated and will be deleted in release 5.0.0 since Ledger-Auditor authentication will use HMAC only. For more details about authentication, see the [ScalarDL Authentication Guide](./authentication.mdx).
-**Description:** The maximum message size allowed for a single gRPC frame. If an inbound message larger than this limit is received, it will not be processed, and the RPC will fail with `RESOURCE_EXHAUSTED`.
-**Description:** The maximum size of metadata allowed to be received. This is cumulative size of the entries with some overhead, as defined for HTTP/2's SETTINGS_MAX_HEADER_LIST_SIZE.
-**Description:** The holder ID of the certificate of Ledger. This field is used to identify the certificate holder for the Ledger.
252
+
-**Default value:**`ledger`
253
+
254
+
:::note
255
+
256
+
This configuration is deprecated and will be deleted in release 5.0.0 since Ledger-Auditor authentication will use HMAC only. For more details about authentication, see the [ScalarDL Authentication Guide](./authentication.mdx).
-**Description:** The version of the certificate. This field specifies the version of the Ledger certificate.
264
+
-**Default value:**`1`
265
+
266
+
:::note
267
+
268
+
This configuration is deprecated and will be deleted in release 5.0.0 since Ledger-Auditor authentication will use HMAC only. For more details about authentication, see the [ScalarDL Authentication Guide](./authentication.mdx).
269
+
270
+
:::
271
+
212
272
### `ledger.host`
213
273
214
274
-**Field:**`scalar.dl.auditor.ledger.host`
@@ -239,6 +299,18 @@ You can configure several settings for the Auditor server, such as service port
239
299
-**Description:** Namespace of auditor tables.
240
300
-**Default value:**`auditor` (Optional)
241
301
302
+
### `private_key_path`
303
+
304
+
-**Field:**`scalar.dl.auditor.private_key_path`
305
+
-**Description:** The path to the private key file in PEM format. This or `scalar.dl.auditor.private_key_pem` is used to sign certificates with a digital signature. When `scalar.dl.auditor.servers.authentication.hmac.secret_key` is empty, the signature is also used by Ledger to authenticate the corresponding certificate from Auditor.
306
+
-**Default value:** empty (Optional)
307
+
308
+
### `private_key_pem`
309
+
310
+
-**Field:**`scalar.dl.auditor.private_key_pem`
311
+
-**Description:** PEM-encoded private key data. This or `scalar.dl.auditor.private_key_path` is used to sign certificates with a digital signature. When `scalar.dl.auditor.servers.authentication.hmac.secret_key` is empty, the signature is also used by Ledger to authenticate the corresponding certificate from Auditor.
312
+
-**Default value:** empty (Optional)
313
+
242
314
### `server.admin_port`
243
315
244
316
-**Field:**`scalar.dl.auditor.server.admin_port`
@@ -281,18 +353,18 @@ You can configure several settings for the Auditor server, such as service port
281
353
-**Description:** Prometheus exporter port.
282
354
-**Default value:**`8080`
283
355
284
-
### `server.tls.enabled`
285
-
286
-
-**Field:**`scalar.dl.auditor.server.tls.enabled`
287
-
-**Description:** A flag to enable TLS communication between clients and servers.
-**Description:** The authentication method for a client and servers.
471
+
-**Description:** The authentication method for clients and Ledger/Auditor servers. `digital-signature` or `hmac` can be specified. This must be consistent with the Ledger/Auditor configuration.
400
472
-**Default value:**`digital-signature` (Optional)
401
473
402
474
### `authorization.credential`
@@ -405,12 +477,90 @@ You can configure several settings for clients, such as Ledger server and Audito
405
477
-**Description:** An authorization credential for Ledger.
406
478
-**Default value:** empty (Optional)
407
479
480
+
### `cert_holder_id` (Deprecated)
481
+
482
+
-**Field:**`scalar.dl.client.cert_holder_id`
483
+
-**Description:** The holder ID of a certificate. This field is used to identify the certificate holder for the client.
484
+
-**Default value:** empty
485
+
486
+
:::note
487
+
488
+
This configuration is deprecated and will be deleted in release 5.0.0. Use `scalar.dl.client.entity.id` instead. If both configurations are specified, `scalar.dl.client.entity.id` will be used.
489
+
490
+
:::
491
+
492
+
### `cert_path` (Deprecated)
493
+
494
+
-**Field:**`scalar.dl.client.cert_path`
495
+
-**Description:** The path of a certificate file in PEM format. This field specifies the path to the client certificate file.
496
+
-**Default value:** empty
497
+
498
+
:::note
499
+
500
+
This configuration is deprecated and will be deleted in release 5.0.0. Use `scalar.dl.client.entity.identity.digital_signature.cert_path` instead.
501
+
502
+
:::
503
+
504
+
### `cert_pem` (Deprecated)
505
+
506
+
-**Field:**`scalar.dl.client.cert_pem`
507
+
-**Description:** PEM-encoded certificate data. This field specifies the PEM-encoded certificate data for the client.
508
+
-**Default value:** empty
509
+
510
+
:::note
511
+
512
+
This configuration is deprecated and will be deleted in release 5.0.0. Use `scalar.dl.client.entity.identity.digital_signature.cert_pem` instead.
513
+
514
+
:::
515
+
516
+
### `cert_version` (Deprecated)
517
+
518
+
-**Field:**`scalar.dl.client.cert_version`
519
+
-**Description:** The version of the certificate. This field specifies the version of the client certificate.
520
+
-**Default value:**`1`
521
+
522
+
:::note
523
+
524
+
This configuration is deprecated and will be deleted in release 5.0.0. Use `scalar.dl.client.entity.identity.digital_signature.cert_version` instead.
525
+
526
+
:::
527
+
408
528
### `entity.id`
409
529
410
530
-**Field:**`scalar.dl.client.entity.id`
411
531
-**Description:** A unique ID of a requester (e.g., a user or a device).
-**Description:** The path of a certificate file in PEM format, which is required if `scalar.dl.client.entity.identity.digital_signature.cert_pem` is empty.
-**Description:** The path of a private key file in PEM format, which corresponds to the specified certificate. Required if `scalar.dl.client.entity.identity.digital_signature.private_key_pem` is empty.
@@ -447,6 +597,30 @@ You can configure several settings for clients, such as Ledger server and Audito
447
597
-**Description:** A client mode (CLIENT or INTERMEDIARY).
448
598
-**Default value:** empty (Optional)
449
599
600
+
### `private_key_path` (Deprecated)
601
+
602
+
-**Field:**`scalar.dl.client.private_key_path`
603
+
-**Description:** The path of a private key file in PEM format. This field specifies the path to the client private key file.
604
+
-**Default value:** empty
605
+
606
+
:::note
607
+
608
+
This configuration is deprecated and will be deleted in release 5.0.0. Use `scalar.dl.client.entity.identity.digital_signature.private_key_path` instead.
609
+
610
+
:::
611
+
612
+
### `private_key_pem` (Deprecated)
613
+
614
+
-**Field:**`scalar.dl.client.private_key_pem`
615
+
-**Description:** PEM-encoded private key data. This field specifies the PEM-encoded private key data for the client.
616
+
-**Default value:** empty
617
+
618
+
:::note
619
+
620
+
This configuration is deprecated and will be deleted in release 5.0.0. Use `scalar.dl.client.entity.identity.digital_signature.private_key_pem` instead.
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
0 commit comments