digital-asset/daml
1
1
Fork 0
mirror of https://github.com/digital-asset/daml.git synced 2024-09-20 01:07:18 +03:00
Code Issues Projects Releases Wiki Activity

Modify the name of the secrets-url CLI flag to tls-secrets-url [DPP-604] (#10840)

Browse Source 
CHANGELOG_BEGIN
Modify the name of the secrets-url CLI flag to tls-secrets-url.
CHANGELOG_END
This commit is contained in:
mziolekda 2021-09-10 13:17:10 +02:00 committed by GitHub
parent d809fd934a
commit 85f6f36fd0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ledger/daml-on-sql/README.rst
View File

@ -212,7 +212,7 @@ To enable TLS, you need to specify the private key for your server and the
certificate chain via ``java -jar daml-on-sql-<version>.jar --pem server.pem --crt server.crt``.
You can also supply private key as an encrypted (using a symmetric AES like algorithm)
file with an ``.enc`` suffix.
While doing so you also need to specify secrets server via ``--secrets-url`` flag
While doing so you also need to specify secrets server via ``--tls-secrets-url`` flag
which should serve decryption details as a JSON document like so:
.. code-block:: json
@ -224,7 +224,7 @@ which should serve decryption details as a JSON document like so:
"key_length" : 128
}
Sample command to start a server with private key encrypted: ``java -jar daml-on-sql-<version>.jar --pem server.pem.enc --crt server.crt --secrets-url http://localhost:8080``.
Sample command to start a server with private key encrypted: ``java -jar daml-on-sql-<version>.jar --pem server.pem.enc --crt server.crt --tls-secrets-url http://localhost:8080``.
By default, the Ledger API requires client authentication as well. You can set a
custom root CA certificate used to validate client certificates via ``--cacrt ca.crt``.

2
ledger/ledger-api-test-tool/BUILD.bazel
View File

@ -225,7 +225,7 @@ conformance_test(
"--crt $$(rlocation $$TEST_WORKSPACE/$(rootpath //ledger/test-common/test-certificates:server.crt))",
"--cacrt $$(rlocation $$TEST_WORKSPACE/$(rootpath //ledger/test-common/test-certificates:ca.crt))",
"--pem $$(rlocation $$TEST_WORKSPACE/$(rootpath //ledger/test-common/test-certificates:server.pem.enc))",
"--secrets-url https://raw.githubusercontent.com/digital-asset/daml/main/ledger/test-common/files/server-pem-decryption-parameters.json",
"--tls-secrets-url https://raw.githubusercontent.com/digital-asset/daml/main/ledger/test-common/files/server-pem-decryption-parameters.json",
],
test_tool_args = [
"--verbose",

2
ledger/participant-state/kvutils/app/src/main/scala/com/daml/ledger/participant/state/kvutils/app/Config.scala
View File

@ -323,7 +323,7 @@ object Config {
config.withTlsConfig(c => c.copy(keyFile = Some(new File(path))))
)
opt[String]("secrets-url")
opt[String]("tls-secrets-url")
.optional()
.text(
"TLS: URL of a secrets service that provide parameters needed to decrypt the private key. Required when private key is encrypted (indicated by '.enc' filename suffix)."

2
ledger/participant-state/kvutils/app/src/test/scala/com/daml/ledger/participant/state/kvutils/app/ConfigSpec.scala
View File

@ -66,7 +66,7 @@ final class ConfigSpec
"some-jdbc-url",
"--pem",
"key.enc",
"--secrets-url",
"--tls-secrets-url",
"http://aaa",
)
)

2
ledger/sandbox-common/src/main/scala/platform/sandbox/cli/CommonCliBase.scala
View File

@ -122,7 +122,7 @@ class CommonCliBase(name: LedgerName) {
)
)
opt[String]("secrets-url")
opt[String]("tls-secrets-url")
.optional()
.text(
"TLS: URL of a secrets service that provides parameters needed to decrypt the private key. Required when private key is encrypted (indicated by '.enc' filename suffix)."

2
ledger/sandbox-common/src/test/lib/scala/platform/sandbox/cli/CommonCliSpecBase.scala
View File

@ -124,7 +124,7 @@ abstract class CommonCliSpecBase(
Array(
"--pem",
"key.enc",
"--secrets-url",
"--tls-secrets-url",
"http://aaa",
),
_.copy(tlsConfig =