Appsettings.json

After successful installation of the SIGNIUS Sealing Server application, an important step is to properly set the application operating parameters in the appsettings.json configuration file. This file contains all necessary information regarding connections, communication protocols and integration with QSCD devices. Below is detailed information about the configuration of this file and tips that will allow for a smooth transition from the installation process to launching and using the application.

Config file

Open for edition appsettings.json file located in the root folder of installation directory and adjust the following:

database connection
url - hostname/ip and ports for communication
logging details
QSCD (HSM Devices) details

Database

In the first lines of config file there are two parameters:

ConnectionStrings
DumpDbSchema

ConnectionStrings

Contains database server connection/access details (can be encrypted for extra protection)

By default there are multiple connection string values to choose from, depending on ECE engine (database options described in requirements) version.

Choose one that suits Your database
adjust values for address and name of db, user credentials and others if applicable
remove the remaining connection values, like in the hint below (remember about proper number of commas in json structure)

in order to encrypt ConnectionStrings parameter do the following:

put

!ENCRYPT!

in front of connection string value but still within quotations, something like this:

"ConnectionStrings": {"MssqlConnectionString": "!ENCRYPT!Server=<server>;Database=<dbname>;User Id=<user name>;Password=<password>;TrustServerCertificate=true;"},

once it is done save config file and restart SIGNIUS Sealing Server

DumpDbSchema

When set to "true" creates schema file that can be used to create structure in the database if necessary.

Used mostly for cases when user from connection string doesn't have proper permission - can't create schema in database

URL

In the config file search for parameters:

Kestrel
HostSettings

these parameters hold ip/hostname/ports for communication with the server (listening ports)

Logs

In the config file search for parameters:

Logging - setting level of default and microsoft logs
Serilog - setting level of additional logs with logging to console, file, sending notification through smtp server to user email. Available other serilog options according to github
- https://github.com/serilog

QSCD

In the config file search for parameter HsmDevices where You can define multiple QSCD/HSM device libraries. In HsmDevices, property DeviceName should reflect to the name set in next part of configuration (database configuration) and property Library should point to the path of pkcs11 QSCD library, available from SIGNIUS Sealing Server machine (and if path contains special characters, those should be escaped, so in case of "\" we use "\\")

Supporting all pkcs11 libraries, in particular:

Utimaco (both HSM and simulator)
Thales
Entrust/nShield
SoftHSM/SoftHSM2

PreviousConfiguration NextDatabase configuration

Last updated 12 days ago