Use these environment variables to customize the behavior and settings of the following tools:
提示
Any mention of All* in the table below refers specifically to the tools referenced above.
Variable | Description | Values (default) | Clients |
---|---|---|---|
SM_TLS_SKIP_VERIFY | Disables TLS verification on client side. | TRUE/(FALSE) | All* |
SM_LOG_LEVEL | Controls the log level generated by each client. | FATAL (ERROR) WARN INFO DEBUG TRACE | All* |
SM_CONN_TIMEOUT | Set the amount of time, in milliseconds, to wait for client connection. | Any positive integer (30000). | All* |
SM_CA_FILE | Specify the CA certificate for TLS certificate validation returned by server during SSL handshake. | Path to a certificate in PEM or DER format. | All* |
SM_LOG_OUTPUT | Set the location for the client log output. Log generation depends on the log level. Examples: | stdout/console stderr discard/none/null (file) | All* |
SM_LOG_FILE_NAME | Provide a file name . | smpkcs11 – smpkcs11.log smksp – smksp.log smctl – smctl.log smksp_cert_sync – smksp_cert_sync.log smcsp.log | All* |
SM_LOG_DIR | Provide the log location. | <user_home>/.signingmanager/logs | All* |
SM_PKCS11_DB_DSN | Provide the absolute path pointing to SQLite3 DB file on system. | Any valid absolute path with write permission (:memory:). | PKCS11 |
SM_PKCS11_OFFLINE_MODE | To control the functionality of PKCS11 by fetching the keypairs only once if the SQLite3 DB file is created and then serves all the keypairs from the local SQLite3 DB file and only calls the cloud for signing. | TRUE/(FALSE) | PKCS11 |