Skip to main content

Customize tool settings

Use these environment variables to customize the behavior and settings of the following tools:

Environment variables for client tools

Tipp

Any mention of All* in the table below refers specifically to the tools referenced above.

Tabelle 1. Environment variables for client tools

Variable

Description

Values (default)

Clients

SM_TLS_SKIP_VERIFY

Disables TLS verification on client side.

TRUE/(FALSE)

All*

SM_LOG_LEVEL

Controls the log level generated by each client.

FATAL

(ERROR)

WARN

INFO

DEBUG

TRACE

All*

SM_CONN_TIMEOUT

Set the amount of time, in milliseconds, to wait for client connection.

Any positive integer (30000).

All*

SM_CA_FILE

Specify the CA certificate for TLS certificate validation returned by server during SSL handshake.

Path to a certificate in PEM or DER format.

All*

SM_LOG_OUTPUT

Set the location for the client log output.

Log generation depends on the log level.

Examples:

stdout – Write to client console.

stderr – Write in error stream.

discard – Nothing written.

file – Writes to file (defined by SM_LOG_FILE_NAME and SM_LOG_DIR).

stdout/console

stderr

discard/none/null

(file)

All*

SM_LOG_FILE_NAME

Provide a file name .

smpkcs11 – smpkcs11.log

smksp – smksp.log

smctl – smctl.log

smksp_cert_sync – smksp_cert_sync.log

smcsp.log

ssm-scd.log

All*

SM_LOG_DIR

Provide the log location.

<user_home>/.signingmanager/logs

All*

SM_PKCS11_DB_DSN

Provide the absolute path pointing to SQLite3 DB file on system.

Any valid absolute path with write permission (:memory:).

PKCS11

SM_PKCS11_OFFLINE_MODE

To control the functionality of PKCS11 by fetching the keypairs only once if the SQLite3 DB file is created and then serves all the keypairs from the local SQLite3 DB file and only calls the cloud for signing.

TRUE/(FALSE)

PKCS11