-
Notifications
You must be signed in to change notification settings - Fork 0
/
embrave.conf.example
135 lines (103 loc) · 4.09 KB
/
embrave.conf.example
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
##############################################################
# embrave configuration file #
# #
# This is file is divided in sections, where each section #
# is represented by a string between square brackets: #
# #
# [section_name] #
# #
# Each section is composed by a list of elements, and each #
# element is put in a line (is NOT possible to define more #
# than one element per line). Each element is couple of key #
# and value, written as following: #
# #
# key = value #
# #
# pay attention to the spaces before and after the equal (=) #
# character. If these spaces miss, the element will NOT be #
# read. #
# Every element added will be ignored. It is only possible #
# to modify the ones already present. #
##############################################################
########################################
# Attester Agent configuration section #
########################################
[AttesterAgent]
# UUID
uuid = 12345678-1234-1234-1234-123456789012
# Port where it runs the http server
port = 800
# Ip address on which make the binding
ip = 127.0.0.1
# Path where store the EK certificates
ek_rsa_cert = /var/embrave/attester/ek_rsa_cert.crt
ek_ecc_cert = /var/embrave/attester/ek_ecc_cert.crt
# Path where store the AK info
ak_pub = /var/embrave/attester/ak_pub.pem
ak_name = /var/embrave/attester/ak.name
ak_ctx = /var/embrave/attester/ak.ctx
ak_cert = /var/embrave/attester/ak.crt
# Join Service IP address
join_service_ip = localhost
# Port where it runs the http Join Service server
join_service_port = 8000
# URI whitelist
# Format file://whitelistname.db or
# https://location.where.whitelist/is/stored
whitelist_uri = file://raspberrypi4b.db
##################################
# Verifier configuration section #
##################################
[Verifier]
# Port where it runs the http server
port = 80
# Port where is runs the https (TLS enabled) server
tls_port = 443
# Ip address on which make the binding
ip = 127.0.0.1
# Flag to spacify if the server will run on TLS
# or not (1 = TLS, 0 = NO TLS). NOT used yet!
use_tls = 1
# Certificate and key for TLS paths
tls_cert_ca = /var/embrave/verifier/tls/ca.crt
tls_cert = /var/embrave/verifier/tls/cert.crt
tls_key = /var/embrave/verifier/tls/key.pem
# Path of the verfier database (sqlite)
db = file:/var/embrave/verifier/db.sqlite
# Path where to store all whitelists databases (sqlite)
whitelist_path = /var/embrave/verifier/whitelist/
# Join Service IP address
join_service_ip = localhost
# Port where it runs the http Join Service server
join_service_port = 8000
# MQTT broker IP address
mqtt_broker_ip = localhost
# Port where it runs the MQTT broker
mqtt_broker_port = 1883
######################################
# Join Service configuration section #
######################################
[JoinService]
# Port where it runs the http server
port = 8000
# Port where is runs the https (TLS enabled) server
tls_port = 443
# Ip address on which make the binding
ip = localhost
# Flag to spacify if the server will run on TLS
# or not (1 = TLS, 0 = NO TLS). NOT used yet!
use_tls = 1
# Certificate and key for TLS paths
tls_cert_ca = /var/embrave/join_service/tls/ca.crt
tls_cert = /var/embrave/join_service/tls/cert.crt
tls_key = /var/embrave/join_service/tls/key.pem
# Path of the verfier database (sqlite)
db = file:/var/embrave/join_service/db.sqlite
# Path of ca hash certificates
ca_x509_path = /home/pi/embrave/tpm_ca_certs_hash_dir
# MQTT broker IP address
mqtt_broker_ip = localhost
# Port where it runs the MQTT broker
mqtt_broker_port = 1883
# Join Service Log file
log_path = /var/embrave/join_service/log.txt