简柏林 / thingskit · Commits

Commit d7ed199ba8b52aaba06a25922adaf0b6479ccec1

Authored by Andrii Shvaika
1 parent 1fa4aff5

Websocket keep-alive / ping set to 15 seconds

Inline Side-by-side
Showing 5 changed files with 18 additions and 14 deletions
@@ -31,7 +31,7 @@ server: @@ -31,7 +31,7 @@ server:
31 pem: 31 pem:
32 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key) 32 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key)
33 cert_file: "${SSL_PEM_CERT:server.pem}" 33 cert_file: "${SSL_PEM_CERT:server.pem}"
34 - # Path to the server certificate private key file (optional) 34 + # Path to the server certificate private key file. Optional by default. Required if the private key is not present in server certificate file;
35 key_file: "${SSL_PEM_KEY:server_key.pem}" 35 key_file: "${SSL_PEM_KEY:server_key.pem}"
36 # Server certificate private key password (optional) 36 # Server certificate private key password (optional)
37 key_password: "${SSL_PEM_KEY_PASSWORD:server_key_password}" 37 key_password: "${SSL_PEM_KEY_PASSWORD:server_key_password}"
@@ -54,7 +54,7 @@ server: @@ -54,7 +54,7 @@ server:
54 log_controller_error_stack_trace: "${HTTP_LOG_CONTROLLER_ERROR_STACK_TRACE:false}" 54 log_controller_error_stack_trace: "${HTTP_LOG_CONTROLLER_ERROR_STACK_TRACE:false}"
55 ws: 55 ws:
56 send_timeout: "${TB_SERVER_WS_SEND_TIMEOUT:5000}" 56 send_timeout: "${TB_SERVER_WS_SEND_TIMEOUT:5000}"
57 - ping_timeout: "${TB_SERVER_WS_PING_TIMEOUT:30000}" 57 + ping_timeout: "${TB_SERVER_WS_PING_TIMEOUT:15000}"
58 limits: 58 limits:
59 # Limit the amount of sessions and subscriptions available on each server. Put values to zero to disable particular limitation 59 # Limit the amount of sessions and subscriptions available on each server. Put values to zero to disable particular limitation
60 max_sessions_per_tenant: "${TB_SERVER_WS_TENANT_RATE_LIMITS_MAX_SESSIONS_PER_TENANT:0}" 60 max_sessions_per_tenant: "${TB_SERVER_WS_TENANT_RATE_LIMITS_MAX_SESSIONS_PER_TENANT:0}"
@@ -644,7 +644,7 @@ transport: @@ -644,7 +644,7 @@ transport:
644 bind_address: "${MQTT_SSL_BIND_ADDRESS:0.0.0.0}" 644 bind_address: "${MQTT_SSL_BIND_ADDRESS:0.0.0.0}"
645 # MQTT SSL bind port 645 # MQTT SSL bind port
646 bind_port: "${MQTT_SSL_BIND_PORT:8883}" 646 bind_port: "${MQTT_SSL_BIND_PORT:8883}"
647 - # SSL protocol: See http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#SSLContext 647 + # SSL protocol: See https://docs.oracle.com/en/java/javase/11/docs/specs/security/standard-names.html#sslcontext-algorithms
648 protocol: "${MQTT_SSL_PROTOCOL:TLSv1.2}" 648 protocol: "${MQTT_SSL_PROTOCOL:TLSv1.2}"
649 # Server SSL credentials 649 # Server SSL credentials
650 credentials: 650 credentials:
@@ -654,7 +654,7 @@ transport: @@ -654,7 +654,7 @@ transport:
654 pem: 654 pem:
655 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key) 655 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key)
656 cert_file: "${MQTT_SSL_PEM_CERT:mqttserver.pem}" 656 cert_file: "${MQTT_SSL_PEM_CERT:mqttserver.pem}"
657 - # Path to the server certificate private key file (optional) 657 + # Path to the server certificate private key file. Optional by default. Required if the private key is not present in server certificate file;
658 key_file: "${MQTT_SSL_PEM_KEY:mqttserver_key.pem}" 658 key_file: "${MQTT_SSL_PEM_KEY:mqttserver_key.pem}"
659 # Server certificate private key password (optional) 659 # Server certificate private key password (optional)
660 key_password: "${MQTT_SSL_PEM_KEY_PASSWORD:server_key_password}" 660 key_password: "${MQTT_SSL_PEM_KEY_PASSWORD:server_key_password}"
@@ -666,7 +666,9 @@ transport: @@ -666,7 +666,9 @@ transport:
666 store_file: "${MQTT_SSL_KEY_STORE:mqttserver.jks}" 666 store_file: "${MQTT_SSL_KEY_STORE:mqttserver.jks}"
667 # Password used to access the key store 667 # Password used to access the key store
668 store_password: "${MQTT_SSL_KEY_STORE_PASSWORD:server_ks_password}" 668 store_password: "${MQTT_SSL_KEY_STORE_PASSWORD:server_ks_password}"
669 - # Password used to access the key 669 + # Optional alias of the private key; If not set, the platform will load the first private key from the keystore;
  670 + key_alias: "${MQTT_SSL_KEY_ALIAS:}"
  671 + # Optional password to access the private key. If not set, the platform will attempt to load the private keys that are not protected with the password;
670 key_password: "${MQTT_SSL_KEY_PASSWORD:server_key_password}" 672 key_password: "${MQTT_SSL_KEY_PASSWORD:server_key_password}"
671 # Skip certificate validity check for client certificates. 673 # Skip certificate validity check for client certificates.
672 skip_validity_check_for_client_cert: "${MQTT_SSL_SKIP_VALIDITY_CHECK_FOR_CLIENT_CERT:false}" 674 skip_validity_check_for_client_cert: "${MQTT_SSL_SKIP_VALIDITY_CHECK_FOR_CLIENT_CERT:false}"
@@ -694,7 +696,7 @@ transport: @@ -694,7 +696,7 @@ transport:
694 pem: 696 pem:
695 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key) 697 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key)
696 cert_file: "${COAP_DTLS_PEM_CERT:coapserver.pem}" 698 cert_file: "${COAP_DTLS_PEM_CERT:coapserver.pem}"
697 - # Path to the server certificate private key file (optional) 699 + # Path to the server certificate private key file. Optional by default. Required if the private key is not present in server certificate file;
698 key_file: "${COAP_DTLS_PEM_KEY:coapserver_key.pem}" 700 key_file: "${COAP_DTLS_PEM_KEY:coapserver_key.pem}"
699 # Server certificate private key password (optional) 701 # Server certificate private key password (optional)
700 key_password: "${COAP_DTLS_PEM_KEY_PASSWORD:server_key_password}" 702 key_password: "${COAP_DTLS_PEM_KEY_PASSWORD:server_key_password}"
@@ -736,7 +738,7 @@ transport: @@ -736,7 +738,7 @@ transport:
736 pem: 738 pem:
737 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key) 739 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key)
738 cert_file: "${LWM2M_SERVER_PEM_CERT:lwm2mserver.pem}" 740 cert_file: "${LWM2M_SERVER_PEM_CERT:lwm2mserver.pem}"
739 - # Path to the server certificate private key file (optional) 741 + # Path to the server certificate private key file. Optional by default. Required if the private key is not present in server certificate file;
740 key_file: "${LWM2M_SERVER_PEM_KEY:lwm2mserver_key.pem}" 742 key_file: "${LWM2M_SERVER_PEM_KEY:lwm2mserver_key.pem}"
741 # Server certificate private key password (optional) 743 # Server certificate private key password (optional)
742 key_password: "${LWM2M_SERVER_PEM_KEY_PASSWORD:server_key_password}" 744 key_password: "${LWM2M_SERVER_PEM_KEY_PASSWORD:server_key_password}"
@@ -772,7 +774,7 @@ transport: @@ -772,7 +774,7 @@ transport:
772 pem: 774 pem:
773 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key) 775 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key)
774 cert_file: "${LWM2M_BS_PEM_CERT:lwm2mserver.pem}" 776 cert_file: "${LWM2M_BS_PEM_CERT:lwm2mserver.pem}"
775 - # Path to the server certificate private key file (optional) 777 + # Path to the server certificate private key file. Optional by default. Required if the private key is not present in server certificate file;
776 key_file: "${LWM2M_BS_PEM_KEY:lwm2mserver_key.pem}" 778 key_file: "${LWM2M_BS_PEM_KEY:lwm2mserver_key.pem}"
777 # Server certificate private key password (optional) 779 # Server certificate private key password (optional)
778 key_password: "${LWM2M_BS_PEM_KEY_PASSWORD:server_key_password}" 780 key_password: "${LWM2M_BS_PEM_KEY_PASSWORD:server_key_password}"
@@ -106,7 +106,7 @@ transport: @@ -106,7 +106,7 @@ transport:
106 pem: 106 pem:
107 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key) 107 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key)
108 cert_file: "${COAP_DTLS_PEM_CERT:coapserver.pem}" 108 cert_file: "${COAP_DTLS_PEM_CERT:coapserver.pem}"
109 - # Path to the server certificate private key file (optional) 109 + # Path to the server certificate private key file. Optional by default. Required if the private key is not present in server certificate file;
110 key_file: "${COAP_DTLS_PEM_KEY:coapserver_key.pem}" 110 key_file: "${COAP_DTLS_PEM_KEY:coapserver_key.pem}"
111 # Server certificate private key password (optional) 111 # Server certificate private key password (optional)
112 key_password: "${COAP_DTLS_PEM_KEY_PASSWORD:server_key_password}" 112 key_password: "${COAP_DTLS_PEM_KEY_PASSWORD:server_key_password}"
@@ -31,7 +31,7 @@ server: @@ -31,7 +31,7 @@ server:
31 pem: 31 pem:
32 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key) 32 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key)
33 cert_file: "${SSL_PEM_CERT:server.pem}" 33 cert_file: "${SSL_PEM_CERT:server.pem}"
34 - # Path to the server certificate private key file (optional) 34 + # Path to the server certificate private key file. Optional by default. Required if the private key is not present in server certificate file;
35 key_file: "${SSL_PEM_KEY:server_key.pem}" 35 key_file: "${SSL_PEM_KEY:server_key.pem}"
36 # Server certificate private key password (optional) 36 # Server certificate private key password (optional)
37 key_password: "${SSL_PEM_KEY_PASSWORD:server_key_password}" 37 key_password: "${SSL_PEM_KEY_PASSWORD:server_key_password}"
@@ -121,7 +121,7 @@ transport: @@ -121,7 +121,7 @@ transport:
121 pem: 121 pem:
122 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key) 122 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key)
123 cert_file: "${LWM2M_SERVER_PEM_CERT:lwm2mserver.pem}" 123 cert_file: "${LWM2M_SERVER_PEM_CERT:lwm2mserver.pem}"
124 - # Path to the server certificate private key file (optional) 124 + # Path to the server certificate private key file. Optional by default. Required if the private key is not present in server certificate file;
125 key_file: "${LWM2M_SERVER_PEM_KEY:lwm2mserver_key.pem}" 125 key_file: "${LWM2M_SERVER_PEM_KEY:lwm2mserver_key.pem}"
126 # Server certificate private key password (optional) 126 # Server certificate private key password (optional)
127 key_password: "${LWM2M_SERVER_PEM_KEY_PASSWORD:server_key_password}" 127 key_password: "${LWM2M_SERVER_PEM_KEY_PASSWORD:server_key_password}"
@@ -157,7 +157,7 @@ transport: @@ -157,7 +157,7 @@ transport:
157 pem: 157 pem:
158 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key) 158 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key)
159 cert_file: "${LWM2M_BS_PEM_CERT:lwm2mserver.pem}" 159 cert_file: "${LWM2M_BS_PEM_CERT:lwm2mserver.pem}"
160 - # Path to the server certificate private key file (optional) 160 + # Path to the server certificate private key file. Optional by default. Required if the private key is not present in server certificate file;
161 key_file: "${LWM2M_BS_PEM_KEY:lwm2mserver_key.pem}" 161 key_file: "${LWM2M_BS_PEM_KEY:lwm2mserver_key.pem}"
162 # Server certificate private key password (optional) 162 # Server certificate private key password (optional)
163 key_password: "${LWM2M_BS_PEM_KEY_PASSWORD:server_key_password}" 163 key_password: "${LWM2M_BS_PEM_KEY_PASSWORD:server_key_password}"
@@ -104,7 +104,7 @@ transport: @@ -104,7 +104,7 @@ transport:
104 bind_address: "${MQTT_SSL_BIND_ADDRESS:0.0.0.0}" 104 bind_address: "${MQTT_SSL_BIND_ADDRESS:0.0.0.0}"
105 # MQTT SSL bind port 105 # MQTT SSL bind port
106 bind_port: "${MQTT_SSL_BIND_PORT:8883}" 106 bind_port: "${MQTT_SSL_BIND_PORT:8883}"
107 - # SSL protocol: See http://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#SSLContext 107 + # SSL protocol: See https://docs.oracle.com/en/java/javase/11/docs/specs/security/standard-names.html#sslcontext-algorithms
108 protocol: "${MQTT_SSL_PROTOCOL:TLSv1.2}" 108 protocol: "${MQTT_SSL_PROTOCOL:TLSv1.2}"
109 # Server SSL credentials 109 # Server SSL credentials
110 credentials: 110 credentials:
@@ -114,7 +114,7 @@ transport: @@ -114,7 +114,7 @@ transport:
114 pem: 114 pem:
115 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key) 115 # Path to the server certificate file (holds server certificate or certificate chain, may include server private key)
116 cert_file: "${MQTT_SSL_PEM_CERT:mqttserver.pem}" 116 cert_file: "${MQTT_SSL_PEM_CERT:mqttserver.pem}"
117 - # Path to the server certificate private key file (optional) 117 + # Path to the server certificate private key file. Optional by default. Required if the private key is not present in server certificate file;
118 key_file: "${MQTT_SSL_PEM_KEY:mqttserver_key.pem}" 118 key_file: "${MQTT_SSL_PEM_KEY:mqttserver_key.pem}"
119 # Server certificate private key password (optional) 119 # Server certificate private key password (optional)
120 key_password: "${MQTT_SSL_PEM_KEY_PASSWORD:server_key_password}" 120 key_password: "${MQTT_SSL_PEM_KEY_PASSWORD:server_key_password}"
@@ -126,6 +126,8 @@ transport: @@ -126,6 +126,8 @@ transport:
126 store_file: "${MQTT_SSL_KEY_STORE:mqttserver.jks}" 126 store_file: "${MQTT_SSL_KEY_STORE:mqttserver.jks}"
127 # Password used to access the key store 127 # Password used to access the key store
128 store_password: "${MQTT_SSL_KEY_STORE_PASSWORD:server_ks_password}" 128 store_password: "${MQTT_SSL_KEY_STORE_PASSWORD:server_ks_password}"
  129 + # Optional alias of the private key; If not set, the platform will load the first private key from the keystore;
  130 + key_alias: "${MQTT_SSL_KEY_ALIAS:}"
129 # Password used to access the key 131 # Password used to access the key
130 key_password: "${MQTT_SSL_KEY_PASSWORD:server_key_password}" 132 key_password: "${MQTT_SSL_KEY_PASSWORD:server_key_password}"
131 # Skip certificate validity check for client certificates. 133 # Skip certificate validity check for client certificates.