ENT-1548: Improve docs for hsm (#805)

* Improve docs for hsm Add information on different configs depending on which execution mode for hsm is run * Remove default config file argument for hsm, add required to cli flag.
2025-03-17 17:45:17 +00:00 · 2018-05-04 15:58:36 +01:00 · 2018-05-04 15:58:36 +01:00 · d254bf6d46
commit d254bf6d46
parent 5c0775f7b4
4 changed files with 15 additions and 5 deletions
--- a/docs/source/running-signing-service.rst
+++ b/docs/source/running-signing-service.rst
@ -15,8 +15,11 @@ Configuration file
 ------------------
 At startup the signing service reads a configuration file, passed with ``--config-file`` on the command line.

-This is an example of what a signing service configuration file might look like:
-    .. literalinclude:: ../../network-management/hsm.conf
+This is an example of what a signing service configuration file might look like for doorman:
+    .. literalinclude:: ../../network-management/hsm-for-doorman.conf
+
+For network map:
+    .. literalinclude:: ../../network-management/hsm-for-networkmap.conf

 Invoke the signing service with ``-?`` for a full list of supported command-line arguments.

--- a/network-management/README.md
+++ b/network-management/README.md
@ -28,7 +28,7 @@ To run the HSM signing server:

 ```
 cd network-management
-java -jar capsule-hsm/build/libs/hsm-<version>.jar --config-file hsm.conf
+java -jar capsule-hsm/build/libs/hsm-<version>.jar --config-file [hsm-configuration-file]
 ```

 For a list of options the HSM signing server takes, run with the `--help` option:
--- a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/Main.kt
+++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/Main.kt
@ -20,6 +20,7 @@ import com.r3.corda.networkmanage.hsm.configuration.SigningServiceConfig
 import com.r3.corda.networkmanage.hsm.processor.CrrProcessor
 import com.r3.corda.networkmanage.hsm.processor.CsrProcessor
 import com.r3.corda.networkmanage.hsm.processor.NetworkMapProcessor
+import net.corda.core.internal.exists
 import org.apache.logging.log4j.LogManager
 import org.bouncycastle.jce.provider.BouncyCastleProvider
 import java.security.Security
@ -34,7 +35,12 @@ fun main(args: Array<String>) {

    val cmdLineOptions = SigningServiceArgsParser().parseOrExit(*args)

-    val config = parseConfig<SigningServiceConfig>(cmdLineOptions.configFile)
+    val config = if (cmdLineOptions.configFile.exists()) {
+        parseConfig<SigningServiceConfig>(cmdLineOptions.configFile)
+    } else {
+        println("Please provide existing HSM config file using --config-file option")
+        return
+    }

    // Validate
    // Grabbed from https://stackoverflow.com/questions/7953567/checking-if-unlimited-cryptography-is-available
--- a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/configuration/SigningServiceConfig.kt
+++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/configuration/SigningServiceConfig.kt
@ -89,10 +89,11 @@ class SigningServiceArgsParser : ArgsParser<SigningServiceCmdLineOptions>() {
            .accepts("config-file", "The path to the config file")
            .withRequiredArg()
            .withValuesConvertedBy(PathConverter(PathProperties.FILE_EXISTING))
+            .required()

    override fun parse(optionSet: OptionSet): SigningServiceCmdLineOptions {
        val baseDir = optionSet.valueOf(baseDirArg)
-        val configFile = optionSet.valueOf(configFileArg) ?: baseDir / "signing_service.conf"
+        val configFile = optionSet.valueOf(configFileArg)
        return SigningServiceCmdLineOptions(baseDir, configFile)
    }
 }