initial-config
This section lists the Corda CLI initial-config arguments. You can use these commands to manually perform various setup actions, as described in the Manual Bootstrapping section.
create-user-config
The create-user-config command creates the SQL script to add the RBAC
Role-based access control. Also known as role-based security. A permission system to restrict system access based on assigned permissions.
configuration for an initial admin user.
| Argument | Description |
|---|---|
| -l, --location | The path to write the generated SQL files to. |
| -p, --password | The password of the initial admin user. |
| -u, --user | The user name of the initial admin user. |
corda-cli.sh initial-config create-user-config -u <INITIAL-ADMIN-USERNAME> -p <INITIAL-ADMIN-PASSWORD> -l /tmp/db
corda-cli.cmd initial-config create-user-config -u <INITIAL-ADMIN-USERNAME> -p <INITIAL-ADMIN-PASSWORD> -l /tmp/db
create-db-config
The create-db-config command creates the SQL statements to insert the connection manager configuration for the database.
| Argument | Description |
|---|---|
| -a, --is-admin | Specifies if this is an admin (DDL) connection. The default value is false. |
| -d, --description | Detailed information about the database connection. |
| -e, --passphrase | The passphrase for the default secrets service. This must match the value specified in the Corda deployment configuration for the database worker A worker that connects to, manages, and operates upon the database(s) used by the Corda cluster. This includes the cluster-level database schemas needed to store configuration data for the cluster, but also the separate databases/schemas used by each virtual node. . |
| --idle-timeout | The maximum time (in seconds) that a connection can stay idle in the pool. The default value is 120. |
| -j, --jdbc-url | The JDBC URL for the connection. This value is required. |
| --jdbc-pool-max-size | The maximum size of the JDBC connection pool. The default value is 10. |
| --jdbc-pool-min-size | The minimum size of the JDBC connection pool. |
-k, --key | The vault key for the HashiCorp Vault external secrets service. |
| --keepalive-time | The interval time (in seconds) in which connections are tested for aliveness. The default value is 0. |
| -l, --location | The path to write the generated SQL files to. |
| --max-lifetime | The maximum time (in seconds) a connection can stay in the pool. The default value is 1800. |
| -n, --name | The name of the database connection. This value is required. |
| -p, --password | The password for the database connection. This value is required. |
| -s, --salt | The salt for the default secrets service. This must match the value specified in the Corda deployment configuration for the database worker. |
| -t, --type | Specifies the lookup service used to resolve secrets. This can be one of the following: |
| -u, --user | The user name for the database connection. This value is required. |
| -v, --vault-path | The path to Corda created secrets for the HashiCorp Vault external secrets service. |
| --validation-timeout | The maximum time (in seconds) that the pool waits for a connection to be validated as alive. The default value is 5. |
corda-cli.sh initial-config create-db-config -u <RBAC-USERNAME> -p <RBAC-PASSWORD> \
--name corda-rbac --jbdc-url jdbc:postgresql://<DB-HOST>:<DB-PORT>/<DB=NAME> \
--jdbc-pool-max-size <POOL-SIZE> --salt <SALT> --passphrase <PASSPHRASE> -l /tmp/db
corda-cli.cmd initial-config create-db-config -u <RBAC-USERNAME> -p <RBAC-PASSWORD> `
--name corda-rbac --jbdc-url jdbc:postgresql://<DB-HOST>:<DB-PORT>/<DB=NAME> `
--jdbc-pool-max-size <POOL-SIZE> --salt <SALT> --passphrase <PASSPHRASE> -l /tmp/db
create-crypto-config
The create-crypto-config command creates the SQL statements to insert the initial crypto configuration for the database. This operation must be performed after the cluster database is initialized but before the cluster is started.
| Argument | Description |
|---|---|
| -l, --location | The path to write the generated SQL files to. |
| -p, --passphrase | The passphrase for the encrypting secrets service. This must match the value specified in the Corda deployment configuration for the database worker. |
| -s, --salt | Salt for the encrypting secrets service. This must match the value specified in the Corda deployment configuration for the database worker. |
| -wp, --wrapping-passphrase | The passphrase for the key derivation function for the master wrapping key. Used to protect all crypto database content via a second set of wrapping keys. For more information see Key Management. |
| -ws, --wrapping-salt | The salt for the key derivation function for the master wrapping key. Used to protect all crypto database content via a second set of wrapping keys. For more information see Key Management. |
corda-cli.sh initial-config create-crypto-config --salt <SALT> --passphrase <PASSPHRASE> -l /tmp/db
corda-cli.cmd initial-config create-crypto-config --salt <SALT> --passphrase <PASSPHRASE> -l /tmp/db
Was this page helpful?
Thanks for your feedback!
Chat with us
Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.
Propose documentation improvements directly
Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.
We're sorry this page wasn't helpful. Let us know how we can make it better!
Chat with us
Chat with us on our #docs channel on slack. You can also join a lot of other slack channels there and have access to 1-on-1 communication with members of the R3 team and the online community.
Create an issue
Create a new GitHub issue in this repository - submit technical feedback, draw attention to a potential documentation bug, or share ideas for improvement and general feedback.
Propose documentation improvements directly
Help us to improve the docs by contributing directly. It's simple - just fork this repository and raise a PR of your own - R3's Technical Writers will review it and apply the relevant suggestions.