Skip to content

Keys

The key value store of Consul administrates the SEAL Print Client server configuration.

The keys are set during the installation.

Values with time specifications are specified in the following time units:

  • seconds (s, sec)

  • minutes (m, min)

  • hours (h, hr)

  • days (d)

  • weeks (w, wk)

  • months

  • years (y, yr)

Example - with time units

  • <time_interval>=2h30m
  • <time_interval>=4m2s

ACTION_EXECUTOR

ACTION_EXECUTOR specifies the backend system.

The key is available for the seal-operator-p4, seal-operator-dpf and the seal-operator-p5 services.

Available values: String

  • P4

    PLOSSYS netdome system

  • DPF

    Digital Paper Factory

  • P5

    PLOSSYS 5 system

  • MOCK

    Only simulation

Default: MOCK

API_BASE_URL

API_BASE_URL specifies the URL of the server API.

The key is available for the seal-print-client service.

Available values: String

  • https://api:<port_number>

Default: https://api:3008

API_VERSION

API_VERSION specifies the version of the server API.

The key is available for the seal-print-client service.

Available values: String

  • <v1>

Default: v1

APW_URL

APW_URL specifies the URL of the APW Rest server.

The key is available for the seal-operator-p4 service.

Available values: String

  • https://<server_name>:8433

Default: https://localhost:8443

AUTH_CLIENT_ID

AUTH_CLIENT_ID specifies the client name configured in the ID Provider for retrieving the access token.

The key is available for all services.

The following OAuth Flows are needed:

  • Code Flow

    OAuth Flow for interactive login (service name: seal-operator-ui)

  • Client Credential Flow

    OAuth Flow for internal communication between the services (service name: e.g. seal-operator-server, seal-operator-p4, seal-operator-p5)

Available values: String

  • <service_name>

Default:

  • seal-print-client for the user interface
  • operator for all other services

AUTH_CLIENT_SECRET

AUTH_CLIENT_SECRET specifies the client secret for retrieving the ID provider's access token.

The key is available for all services.

The following OAuth Flows are needed:

  • Code Flow

    OAuth Flow for interactive login (service name: seal-operator-ui)

  • Client Credential Flow

    OAuth Flow for internal communication between the services (service name: e.g. seal-operator-server, seal-operator-p4, seal-operator-p5

Available values: String

  • <secret>

Default: not revealed

AUTH_CLOCK_TOLERANCE

AUTH_CLOCK_TOLERANCE specifies the maximum number of seconds of allowed time skew between the OAuth provider and client.

The key is available for the seal-print-client service.

Available values: String

  • <number>

Default: 5

AUTH_DEFAULT_SESSION_DURATION

AUTH_DEFAULT_SESSION_DURATION specifies the duration of the default session in seconds if the OAuth provider does not expose the refresh_expires_in parameter in the token. Keycloak provides this parameter.

The key is available for the seal-print-client service.

Avaialble values: String

  • <number>

Default: 180

AUTH_ISSUER_URL

AUTH_ISSUER_URL specifies the OpenID Connect issuer URL. This URL is configured in Keycloak.

The key is available for the seal-print-client service.

Availale values: String

  • https://<localhost>:<32769>/auth/realms/<SEAL>

Default: https://localhost:32769/auth/realms/SEAL

AUTH_REFRESH_TOLERANCE

AUTH_REFRESH_TOLERANCE specifies the time in seconds a token is automtically refreshed when it is about to expire.

The key is available for the seal-print-client service.

Available values: String

  • <number>

Default: 5

AUTH_TOKEN_ENDPOINT

AUTH_TOKEN_ENDPOINT specifies the URL of the token endpoint.

The key is available for the seal-operator-p5, the seal-operator-p4 and the seal-operator-dpf services.

Available values: String

  • https://<server_name/auth/token>:

Default: The default is automatically evaluated by the OpenID configuration path.

CONSUL_TOKEN

CONSUL_TOKEN specifies the ACL token with which the SEAL Print Client services authenticate themselves to Consul.

The key is available for all services.

Available values: String

  • INSECURE_ACL_MASTER_TOKEN

Default: none

CONSUL_URL

CONSUL_URL specifies the address of the Consul server to which the SEAL Print Client services log on.

The key is available for all services.

Available values: String

  • https://<server_name>:8500

Default: https://localhost:8500

CS_TYPE

CS_TYPE specifies the used credential store type.

The key is available for the seal-operator-server service.

Available values: String

  • none

    No credential store.

  • mock

    Only simulation.

  • mongo

    Store credentials encrypted in mongodb.

  • vault

    Store credentials in vault.

Default: mongo

DEFAULT_DPF_SCHEMA

DEFAULT_DPF_SCHEMA specifies the path to the JSON scheme file. The JSON scheme file contains the configuration settings for the DPF connector.

The key is available for the seal-operator-dpf service.

Available values: String

  • <path_name>

Default: <dpf_connector_install_dir>/lib/defaultConfig/schema.json

DEFAULT_FILEUPLOAD_PANEL

DEFAULT_FILEUPLOAD_PANEL specifies the path to the JSON scheme file. The JSON scheme file contains the configuration settings for the panel.

The key is available for the seal-operator-fileupload service.

Available values: String

  • <path_name>

Default: <fileupload_connector_install_dir>/lib/defaultConfig/panel.json

DEFAULT_FILEUPLOAD_SCHEMA

DEFAULT_FILEUPLOAD_SCHEMA specifies the path to the JSON scheme file. The JSON scheme file contains the configuration settings for the My Documents connector.

The key is available for the seal-operator-fileupload service.

Available values: String

  • <path_name>

Default: <fileupload_connector_install_dir>/lib/defaultConfig/schema.json

DEFAULT_P4_SCHEMA

DEFAULT_P4_SCHEMA specifies the path to the JSON scheme file. The JSON scheme file contains the configuration settings for the PLOSSYS netdome connector.

The key is available for the seal-operator-p4 service.

Available values: String

  • <path_name>

Default: <p4_connector_install_dir>/lib/defaultConfig/schema.json

DEFAULT_P5_SCHEMA

DEFAULT_P5_SCHEMA specifies the path to the JSON scheme file. The JSON scheme file contains the configuration settings for the PLOSSYS 5 connector.

The key is available for the seal-operator-p5 service.

Available values: String

  • <path_name>

Default: <p5_connector_install_dir>/lib/defaultConfig/schema.json

DEFAULT_SAP_SCHEMA

DEFAULT_SAP_SCHEMA specifies the path to the JSON scheme file. The JSON scheme file contains the configuration settings for the SAP connector.

The key is available for the seal-operator-sap service.

Available values: String

  • <path_name>

Default: <sap_connector_install_dir>/lib/defaultConfig/schema.json

DEFAULT_P4_PANEL

DEFAULT_P4_PANEL specifies the path to the JSON scheme file. The JSON scheme file contains the configuration settings for the panel.

The key is available for the seal-operator-p4 service.

Available values: String

  • <path_name>

Default: <p4_connector_install_dir>/lib/defaultConfig/panel.json

DEFAULT_P5_PANEL

DEFAULT_P5_PANEL specifies the path to the JSON scheme file. The JSON scheme file contains the configuration settings for the panel.

The key is available for the seal-operator-p5 service.

Available values: String

  • <path_name>

Default: <p5_connector_install_dir>/lib/defaultConfig/panel.json

DEFAULT_SAP_PANEL

DEFAULT_SAP_PANEL specifies the path to the JSON scheme file. The JSON scheme file contains the configuration settings for the panel.

The key is available for the seal-operator-sap service.

Available values: String

  • <path_name>

Default: <sap_connector_install_dir>/lib/defaultConfig/panel.json

DISABLE_MY_LISTS_ACCESS

DISABLE_MY_LISTS_ACCESS specifes whether the menue item My List at the left menu is disabled.

The key is available for the seal-print-client service.

Available values: Boolean

  • true

  • false

Default: false

DPF_URL

DPF_URL specifies the URL for the REST calls.

The key is available for the seal-operator-dpf service.

Available values: String

  • https://<server_name>:<port>/rest/dpf/v1

Default: https://localhost:9126/rest/dpf/v1

ID_PROVIDER_CERT

ID_PROVIDER_CERT specifies the path and the file name of the certificate generated by the identity provider.

The key is available for all services.

The key is mandatory.

Available values: String

  • <path_name>

Default: none

ID_PROVIDER_NAME

ID_PROVIDER_NAME specifies the name of the identity provider.

The key is available for all services.

The key is mandatory.

Available values: String

  • <id_provider_name> (Keycloak: For example, here it is a complete URL: https://<hostname>:32769/auth/realms/SEAL)

Default: none

JWT_USERNAME

JWT_USERNAME specifies the user name set in the JSON Web Token (JWT). JWT_USERNAME specifies the user name in the current output job.

The key is available for the seal-operator-p4 and the seal-operator-p5 services.

Available values: String

  • <user_name>

Default: sub

LISTITEM_NAME

LISTITEM_NAME specifies the name of the property that is used as a list item name.

The key is available for the seal-print-client service.

Avaialable values: String

  • <metadata.name>

Default: metadata.name

LOG_LEVEL

LOG_LEVEL specifies the log level for the correspondent service. Messages that correspond to this log level or a higher one are written to the log file.

The key is available for all services.

Available values: Enumeration (value in ascending order)

  • debug

    Debug messages are written to the log file of the service.

  • info

    Information messages are written to the log file of the service.

  • warn

    Warnings are written to the log file of the service.

  • error

    Error messages are written to the log file of the service.

  • fatal

    Messages about serious error are written to the log file of the service.

Default: info

Example - log level error

Messages of the log levels error and fatal are written to the log file.

Example - log level info

Messages of the log levels info, warn, error andfatal are written to the log file.

MESSAGE_TIMOUT

MESSAGE_TIMOUT specifies the time interval after that the messages will be deleted.

The key is available for the seal-operator-server service.

Available values: String

  • <time_interval>

Default: 1h

MESSAGE_TTL

MESSAGE_TTL specifies how long the messages will be stored.

The key is available for the seal-operator-server service.

Available values: String

  • <time_interval>

Default: 24h

MONGO_CONNECT_RETRIES

MONGO_CONNECT_RETRIES specifies how often the service attempts to connect to the database.

The key is available for the seal-operator-server service.

Available values: Integer

  • <retries>

Default: 10

MONGO_FILEUPLOAD_URL

MONGO_FILEUPLOAD_URL specifies the URL of the MongoDB for file uploads into My Documents.

The key is available for the seal-operator-fileupload service.

Available values: String

  • mongodb://<localhost>:27017/operator-fileupload

Default: mongodb://localhost:27017/operator-fileupload

MONGO_SERVER_URL

MONGO_SERVER_URL specifies the URL of the MongoDB.

The key is available for the seal-operator-server service.

Available values: String

  • mongodb://<localhost>:27017/operator-server

Default: mongodb://localhost:27017/operator-server

MONGO_TOKEN

MONGO_TOKEN specifies the key for credential encryption and decryption.

The key is available for the seal-operator-server service.

MONGO_TOKEN is only used for CS_TYPE=mongo.

Available values: String

  • ThisIsMySecretEncryptionToken

ONLINE_DOCS_URL

ONLINE_DOCS_URL specifies the URI pointing to the external online documentation.

The key is available for the seal-print-client service.

Available values: String

  • <URI_path>

Default: ``

OPERATOR_SERVER_SERVICE

OPERATOR_SERVER_SERVICE specifies the name of the operator-server service as it is registered in Consul.

The key is available for the seal-operator-p4 and the seal-operator-p5 services.

Available values: String

  • <operator_name>

Default: operator-server

OPERATOR_SERVER_URL

OPERATOR_SERVER_URL specifies the URL of the operator-server service unless the name of the server service is known.

The key is available for the seal-operator-p4 and the seal-operator-p5 services.

Available values: String

  • <operator_name>

Default: none

PLOSSYS_IPP_URL

PLOSSYS_IPP_URL specifies the URL of the checkin service of the PLOSSYS 5 system.

The key is available for the seal-operator-p5 service.

Available values: String

  • ipp://<server_name>:631

Default: ipp://localhost:631

PLOSSYS_TIMEOUT

PLOSSYS_TIMEOUT specifies the timeout connecting and retrieving data from a PLOSSYS netdome system. The minimum value is two seconds.

The key is available for the seal-operator-p4 service.

Available values: String

  • 4s

Default: 10s

PLOSSYS_URL

PLOSSYS_URL specifies the URL of the PLOSSYS netdome system to which SEAL Print Client has to connect.

The key is available for the seal-operator-p4 service.

Available values: String

  • https://<plossys_server_name>:3011

Default: https://localhost:3011

SAP_URL

SAP_URL specifies the URL for the SAP system.

The key is available for the seal-operator-sap service.

Available values: String

  • <protocol>://<server_name>:<port>

Default: none

SERVICE_URL

SERVICE_URL specifies how a service can be accessed.

The key is available for all services.

Available values: String

  • <protocol>://<server_name>:<port>

Default: https://localhost:<service_port>

Hint - port list

Default: The server name is determined when a service is started and the default port is used. The correspondent assignment is described in Used Ports.

TLS_DIR

TLS_DIR specifies the directory for storing the files necessary for the secure transfer between clients and servers and within SEAL Print Client.

The key is available for all services.

Available values: String

  • <dir_name>

The directory contains the following files:

  • key.pem

    File with the private key

  • cert.pem

    File with the certificate

  • ca.pem

    File with the CA certificate

Default: The pre-installed self-signed certificate is used.

Caution - security gap

Using the pre-installed self-signed certificate in a productive system is a serious security gap!

TRUSTED_CLIENT

TRUSTED_CLIENT specifies the client name configured in the ID Provider for granting access via access token.

The key is available for the seal-operator-fileupload and the seal-operator-server services.

Available values: String

  • <client_name>

Default: operator

VAULT_URL

VAULT_URL specifies the URL of the vault service.

The key is available for the seal-operator-server service.

VAULT_URL is only used for CS_TYPE=vault.

Available values: String

  • https://<server_name>:8200

Default: https://localhost:8200

VAULT_TOKEN_PATH

VAULT_TOKEN_PATH specifies the directory for vault tokens.

The key is available for the seal-operator-server service.

VAULT_TOKEN_PATH is only used for CS_TYPE=vault.

Available values: String

  • <os_specific_path>

Default:

  • Linux: /opt/seal/infrastructure/etc

  • Windows: C:\ProgramData\SEAL Systems\infrastructure\config

VAULT_TOKEN

VAULT_TOKEN specifies the root token of the vault service.

The key is available for the seal-operator-server service.

VAULT_TOKEN is only used for CS_TYPE= vault and if no valid token can be found in VAULT_TOKEN_PATH.

Available values: String

  • <INSECURE_ROOT_TOKEN>

Default: INSECURE_ROOT_TOKEN

Back to top