ENT-1548: Improve docs for hsm (#805)

* Improve docs for hsm

Add information on different configs depending on which execution mode
for hsm is run

* Remove default config file argument for hsm, add required to cli flag.
This commit is contained in:
Katarzyna Streich 2018-05-04 15:58:36 +01:00 committed by GitHub
parent 5c0775f7b4
commit d254bf6d46
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 15 additions and 5 deletions

View File

@ -15,8 +15,11 @@ Configuration file
------------------
At startup the signing service reads a configuration file, passed with ``--config-file`` on the command line.
This is an example of what a signing service configuration file might look like:
.. literalinclude:: ../../network-management/hsm.conf
This is an example of what a signing service configuration file might look like for doorman:
.. literalinclude:: ../../network-management/hsm-for-doorman.conf
For network map:
.. literalinclude:: ../../network-management/hsm-for-networkmap.conf
Invoke the signing service with ``-?`` for a full list of supported command-line arguments.

View File

@ -28,7 +28,7 @@ To run the HSM signing server:
```
cd network-management
java -jar capsule-hsm/build/libs/hsm-<version>.jar --config-file hsm.conf
java -jar capsule-hsm/build/libs/hsm-<version>.jar --config-file [hsm-configuration-file]
```
For a list of options the HSM signing server takes, run with the `--help` option:

View File

@ -20,6 +20,7 @@ import com.r3.corda.networkmanage.hsm.configuration.SigningServiceConfig
import com.r3.corda.networkmanage.hsm.processor.CrrProcessor
import com.r3.corda.networkmanage.hsm.processor.CsrProcessor
import com.r3.corda.networkmanage.hsm.processor.NetworkMapProcessor
import net.corda.core.internal.exists
import org.apache.logging.log4j.LogManager
import org.bouncycastle.jce.provider.BouncyCastleProvider
import java.security.Security
@ -34,7 +35,12 @@ fun main(args: Array<String>) {
val cmdLineOptions = SigningServiceArgsParser().parseOrExit(*args)
val config = parseConfig<SigningServiceConfig>(cmdLineOptions.configFile)
val config = if (cmdLineOptions.configFile.exists()) {
parseConfig<SigningServiceConfig>(cmdLineOptions.configFile)
} else {
println("Please provide existing HSM config file using --config-file option")
return
}
// Validate
// Grabbed from https://stackoverflow.com/questions/7953567/checking-if-unlimited-cryptography-is-available

View File

@ -89,10 +89,11 @@ class SigningServiceArgsParser : ArgsParser<SigningServiceCmdLineOptions>() {
.accepts("config-file", "The path to the config file")
.withRequiredArg()
.withValuesConvertedBy(PathConverter(PathProperties.FILE_EXISTING))
.required()
override fun parse(optionSet: OptionSet): SigningServiceCmdLineOptions {
val baseDir = optionSet.valueOf(baseDirArg)
val configFile = optionSet.valueOf(configFileArg) ?: baseDir / "signing_service.conf"
val configFile = optionSet.valueOf(configFileArg)
return SigningServiceCmdLineOptions(baseDir, configFile)
}
}