Network Map Configuration Parameters
Configuration reference for the Network Map Service
address: The host and port on which the service runs
database: See CENM Database Configuration
shell: (Optional) See Shell Configuration Parameters
enmListener (optional in a simple test deployment): Details on how the service will communicate with the rest of the CENM deployment.
- port: The port that the service will bind to, and other CENM components will connect to.
- verbose: (Optional) Enables verbose logging for the socket layer.
- reconnect: Informs whether a client should attempt to reconnect if the connection is dropped.
- ssl: See SSL Settings
checkRevocation (optional, defaults to
false
if omitted): If set to true, the Network Map will check with the Identity Manager’s revocation service to find out if the registering node is revoked.pollingInterval: How often nodes registering with the network map should check back for new entries.
identityManager (optional in a simple test deployment): Details where the issuance service is on the network
- host: The host the Identity Manager Service is running on.
- port:
The port that its
enmListener
is bound to. - ssl: See SSL Settings for details.
revocation (optional in a simple test deployment): Details where the revocation service is on the network
- host: The host that the Identity Manager Service is running on.
- port:
The port that its
enmListener
is bound to. - ssl: See SSL Settings for details.
localSigner: (Optional) Configuration of the local signer for the Network Map Service. Useful for debugging, testing or when HSM support is not available.
- keyStore:
Configuration for key store containing the Network Map Service key pair.
- file: The path to the key store file containing the signing keys for the Network Map Service.
- password: The key store password.
- keyAlias: The key alias under which the key can be found in the key store.
- keyPassword: The password for the ‘keyAlias’ key entry within the key store.
- signInterval: The number of times the signing process should be triggered (in milliseconds).
- timeout: (Optional) The maximum time allowed for executing the signing process (in milliseconds). Defaults to 30 seconds. If the timeout threshold is reached, then the signing process will abort and wait before retrying. The wait time after each failure is determined by an exponential backoff strategy.
- keyStore:
Configuration for key store containing the Network Map Service key pair.
versionInfoValidation: (Optional) Configuration for the validation of node version info while publishing node info to the Network Map
minimumPlatformVersion: (Optional - defaults to -1) The minimum platform version of Corda that a node needs to run, to successfully publish its node info to the Network Map. The platform version is an integer value which increments on any release where any of the public API of the entire Corda platform changes. Setting this to a value of <1 disables this behaviour, where the Network Map Service won’t check that the platform version is passed from the node. However checks against Network Parameters will still be done.
newPKIOnly: (Optional - defaults to false) A boolean parameter that determines whether node info publishing should be rejected for all nodes running an outdated version of Corda that does not support the new PKI structure (arbitrary length certificate chains).
adminListener: To use the RPC API in the Identity Manager Service, you must define a configuration property called
adminListener
. You can addport
,reconnect
, andverbose
. Also, this property has an SSL field - see SSL Settings for more information.- port: Port number to listen to for Admin RPC connections.
- verbose:
(Optional) Enables verbose logging for the socket layer. Defaults to
false
. - reconnect:
(Optional) Determines if a client should attempt to reconnect if the connection is dropped. Defaults to
true
. - ssl: See SSL Settings for details.
adminListener
property is present in the configuration, this means that the service must only be used via Admin RPC. In this case, the shell
configuration property will be disabled. The shell
and adminListener
properties cannot be used in the configuration at the same time.- authServiceConfig:
The admin RPC interface requires an Auth Service to verify
requests, which must be configured below in a
authServiceConfig
block. Typically this is provided automatically by the Zone Service (via an Angel Service), however the parameters are detailed below for reference:- host: The hostname of the Auth Service. Required unless authentication is disabled.
- port: The port number of the Auth Service. Required unless authentication is disabled.
- trustStore:
Trust store configuration for the SSL PKI root of trust.
- location: The location in the file system of the keystore containing the Auth Service root of trust.
- password: The password for the trust root keystore.
- issuer: The "iss" claim in the JWT - you must set the same value as in the Auth Service’s configuration. Required unless authentication is disabled.
- leeway: Defines the amount of time, in seconds, allowed when checking JSON Web Token (JWT) issuance and expiration times. Required unless authentication is disabled. R3 recommends a default time of 10 seconds.
Redirection forbidden
The Network Map cannot be redirected. Only HTTP OK (response code 200) is supported - any other kind of response codes, including HTTP redirects (for example, response code 301), are NOT supported.
Was this page helpful?
Thanks for your feedback!
Chat with us
Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.
Propose documentation improvements directly
Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.
We're sorry this page wasn't helpful. Let us know how we can make it better!
Chat with us
Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.
Create an issue
Create a new GitHub issue in this repository - submit technical feedback, draw attention to a potential documentation bug, or share ideas for improvement and general feedback.
Propose documentation improvements directly
Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.