-
Notifications
You must be signed in to change notification settings - Fork 5
/
Copy pathall_pkits_parameters.yml
58 lines (50 loc) · 7.02 KB
/
all_pkits_parameters.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
testObject:
name: "HasToBeDefined_name" # Name of the test object, for better identification in logs and configuration files.
testObjectType: HasToBeDefined_testObjectType # one of: IdpFachdienst, IntermediaerServer, KimFachdienst, VsdmFachdienst, VpnKonzentrator, VpnRegServer
ipAddressOrFqdn: "HasToBeDefined_ipAddressOrFqdn" # FQDN or IP address to connect to the test object.
port: HasToBeDefined_port # Port where the test object listens on.
ocspGracePeriodSeconds: 30 # OCSP grace period in seconds configured in the test object.
ocspToleranceProducedAtPastSeconds: 5 # OCSP tolerance for producedAt in the past, in seconds configured in the test object.
ocspToleranceProducedAtFutureSeconds: 3 # OCSP tolerance for producedAt in the future, in seconds configured in the test object.
tslDownloadIntervalSeconds: HasToBeDefined_tslDownloadIntervalSeconds # TSL download interval in seconds configured in the test object.
tslGracePeriodDays: 0 # Duration in days after expiration of the TSL during which the TSL is still regarded as valid.
tslProcessingTimeSeconds: 3 # Amount of seconds to wait after a TSL update for processing inside the test object.
ocspProcessingTimeSeconds: 1 # Amount of seconds to wait for OCSP requests to be processed by the test object and corresponding network.
ocspTimeoutSeconds: 10 # Amount of seconds after OCSP responses are not accepted by the test object anymore.
scriptUseCase:
scriptPath: "unused by default" # Absolute or relative path to the use case script when test object type is set to 'Script'.
sendReceiveApplicationData: true # Parameter can be used to differentiate code inside a script
appDataHttpFwdSocket: "HasToBeDefined_appDataHttpFwdSocket" # send AppData over http-forwarder (to gematik OCSP-sim, as defined in bash script)
cryptMethod: "ECC" # Parameter is used as an argument for the called script. It can be used for handling different implementations in RSA or ECC.
sshConfig:
username: "HasToBeDefined_username" # Username for the SSH login
password: "HasToBeDefined_password" # Passwort in case of password based authentication.
host: "HasToBeDefined_host" # IP address to connect to via SSH.
port: 22 # Port for the SSH connect.
privateKey: "HasToBeDefined_privateKey" # Private key in case of key based authentication.
privateKeyPassphrase: "HasToBeDefined_privateKeyPassphrase" # Password for the private key in case of key based authentication.
connectTimeoutSeconds: 60 # Timeout for the SSH session.
authTimeoutSeconds: 60 # Timeout for the verification phase during the session connection establishment.
channelOpenTimeoutSeconds: 60 # Timeout during channel establishment.
channelCloseTimeoutSeconds: 60 # Timeout during SSH channel.
sshUseCaseParameters:
filesToCopyRootDir: "HasToBeDefined_filesToCopyRootDir" # Directory containing files, that should be copied to the remote SSH machine.
filesToCopyPattern: "HasToBeDefined_filesToCopyPattern" # Wildcard filter for selecting files from the 'filesToCopyRootDir'. See https://docs.oracle.com/javase/8/docs/api/java/nio/file/FileSystem.html#getPathMatcher-java.lang.String-
remoteTargetDir: "HasToBeDefined_remoteTargetDir" # Target directory on the SSH remote machine, where files are copied to.
remoteLogFile: "HasToBeDefined_remoteLogFile" # Filename of a log file on the remote SSH machine. This file is copied back from the remote machine.
ocspResponder:
ipAddressOrFqdn: "HasToBeDefined_ipAddressOrFqdn" # FQDN or IP address where the OCSP responder is running. This will be used as the ServiceSupplyPoint in the TSLs.
port: HasToBeDefined_port # Port where the OCSP responder is listening.
id: "OCSP Responder" # Name of the OCSP responder for better identification in log files.
appPath: "./bin/pkits-ocsp-responder-exec.jar" # Path to the OCSP responder jar which should be started during tests. This can be skipped with the keyword "externalStartup".
tslProvider:
tslCryptTypeEccOnly: false # TSL contains certificates with crypt type ECC-Only.
ipAddressOrFqdn: "HasToBeDefined_ipAddressOrFqdn" # FQDN or IP address where the tsl provider is running. This will be used as the PointersToOther field in the TSLs.
port: HasToBeDefined_port # Port where the TSL provider is listening.
id: "TSL Provider" # Name of the TSL provider for better identification in log files.
appPath: "./bin/pkits-tsl-provider-exec.jar" # Path to the TSL provider jar which should be started during tests. This can be skipped with the keyword "externalStartup".
testSuiteParameter:
performInitialState: true # Execute smoke test (TSL and use case including OCSP) before each test.
ocspSettings:
timeoutDeltaMilliseconds: 1500 # Amount of milliseconds to add/subtract from OCSP timeout during the test to get a result inside/outside the timeout.
gracePeriodExtraDelay: 5 # Amount of seconds to add to the OCSP grace period as a buffer.