Configuration

Variable Configuration

The variable configuration can be found in the t1c/t1c.conf file of the Trust1Connector's installation folder. This file contains certain properties and values that can be variable between different installations. Some values can be altered by the user or an administrator if so desired.

This is an example of an unactivated t1c.conf:

device {
    status=INACTIVE
}
environment {
    shared=false
}
registration {
    # ACC Key
    # apikey = "ec63f262-d205-4665-b68e-235055d0e8f0"
    # PROD KEY
    apikey = "aa30871a-5435-4480-a866-7dbec7e14eb8"
}
ssl {
    keystore-password = "password"
}
contextConfig {
    cors = [
        "*://localhost:*",
        "*.commfides.com",
        "*.t1t.io",
        "*.t1t.io:*"
    ],
    # If wildcardsAllowed is set to false, only origin headers matching entries in the cors array exactly will be allowed
    wildcardsAllowed = true
}
network {
    proxy {
        # If using a central proxy/gateway on infrastructure level, you can override the DS URL to use the
        # "gateway-or-proxy-url" value instead. The response from that server will still be validated against the
        # configured DS public key.

        # gateway-or-proxy-url = "https://myproxy.example.com"

        # Default "detect" value is false, so you need to override if you want the T1C to detect proxy host and port
        # settings. If the values of "host" and "port" are set, these will always be used and no automatic detection will
        # occur. If the values "username" "password", "protocol" or "nonProxyHosts" are set they will be used in
        # conjunction with the detected or overridden proxy host and port.

        # detect = false
        # host = "proxy.example.com"
        # port = 8080
        # username = "myuser"
        # password = "password"
        # protocol = "http"
        # non-proxy-hosts = [ "t1c.t1t.io" ]
    }
}

This is an example of an activated t1c.conf:

contextConfig {
    cors=[
        "*://localhost:*",
        "*.commfides.com",
        "*.t1t.io",
        "*.t1t.io:*"
    ]
    wildcardsAllowed=true
}
device {
    id="33535e2a1c63351f74d810ad060e261a6a11925ec442649a21068a405fdb4abd"
    status=ACTIVE
}
environment {
    shared=false
}
network {
    proxy {
        gateway-or-proxy-url: "https://acc-ds.t1t.io"
    }
}
registration {}
ssl {
    keystore-password=password
}

Context Config

The context configuration contains the CORS configuration. These values can be altered before startup, but if the Trust1Connector is configured to synchronize with the Distribution Service, they will be overridden at startup.

contextConfig {
    cors = [
        "*://localhost:*",
        "*.commfides.com",
        "*.t1t.io",
        "*.t1t.io:*"
    ],
    # If wildcardsAllowed is set to false, only origin headers matching entries in the cors array exactly will be allowed
    wildcardsAllowed = true
}

Property	Type	Description
cors	Array[String]	The list of allowed origins that are allowed by the Trust1Connector CORS filter
wildcardsAllowed	Boolean	Whether to allow the usage of * as wildcards in the CORS filter's allowed origins. If set to false (or absent) only requests whose origin header matches one of the entries in the allowed origins exactly will be allowed through.

Network Configuration

The network configuration contains the values pertaining to how the Trust1Connector connects to the Distribution Service. This allows administrators of customers in a B2B context to enable the Trust1Connector to be able to connect to the Distribution Service in a wide variety of network topologies

network {
    proxy {
        # If using a central proxy/gateway on infrastructure level, you can override the DS URL to use the
        # "gateway-or-proxy-url" value instead. The response from that server will still be validated against the
        # configured DS public key.

        # gateway-or-proxy-url = "https://myproxy.example.com"

        # Default "detect" value is false, so you need to override if you want the T1C to detect proxy host and port
        # settings. If the values of "host" and "port" are set, these will always be used and no automatic detection will
        # occur. If the values "username" "password", "protocol" or "nonProxyHosts" are set they will be used in
        # conjunction with the detected or overridden proxy host and port.

        # detect = false
        # host = "proxy.example.com"
        # port = 8080
        # username = "myuser"
        # password = "password"
        # protocol = "http"
        # non-proxy-hosts = [ "t1c.t1t.io" ]
    }
}

Property	Type	Description
proxy.gateway-or-proxy-url	String	If the Trust1Connector's configured DS is not reachable from the installed device's network, it is possible to override the configured DS URL with this value so that the traffic can be proxied over a gateway or proxy of your choice. This value is optional
proxy.host	String	If you need to configure a network proxy for outgoing requests, you can specify the host here. This value is optional
proxy.port	Integer	If you have configured a proxy host, you must specify a port
proxy.username	String	If the network proxy requires credentials, you can provide the username here. This value is optional
proxy.password	String	If the network proxy requires credentials, you can provide the password here. This value is optional
proxy.protocol	String	You can determine the protocol used by the proxy. M be either http or https. This value is optional
proxy.non-proxy-hosts	Array[String]	The hostnames for which the network proxy should not be used. This value is optional, but if a network proxy is configured, we strongly recommend adding the T1C hostname in this value
proxy.detect	Boolean	If you are uncertain of whether or not a proxy is required, you can set this value to true, and the Trust1Connector will make a best-effort attempt to detect a proxy host and port based on the OS network settings. This value is optional, and is ignored when both proxy.host and proxy.port values are set. Additionally, the detection is unable to detect settings such as username and password.