HTTP server configuration
The Maverics Identity Orchestrator includes an HTTP server in order to consume and process requests for AppGateways and AuthProviders. The server has various properties defined below that can be configured.
The
address declares which address the Orchestrator will listen on. If the host section of the address is blank, the Orchestrator will listen on all available unicast and anycast IP addresses of the local system.Example with just port specified:
http:
address: :443
Example with IP and port specified:
http:
address: 127.0.0.1:443
Alternatively, the HTTP server address can be specified via the
MAVERICS_HTTP_ADDRESS environment variable. If the address is defined in both config and environment variable, the value from the environment variable will be used.export MAVERICS_HTTP_ADDRESS=":443"
tls defines the transport layer security object that will be used for the server. The TLS object used for the server must include valid certFile and keyFile fields.The HTTP server's TLS key pair can also be defined as environment variables by setting both
MAVERICS_TLS_SERVER_CERT_FILE and MAVERICS_TLS_SERVER_KEY_FILE. If the server's TLS key pair is defined in both config and environment variables, the value from the environment variable will be used.export MAVERICS_TLS_SERVER_CERT_FILE="/etc/certs/maverics.sonarsystems.co.crt"
export MAVERICS_TLS_SERVER_KEY_FILE="/etc/certs/maverics.sonarsystems.co.key"
The
readHeaderTimeoutSeconds is an optional field used to determine the amount of time allowed to read request headers. Since the Orchestrator often serves as an HTTP proxy and has many clients with varying performance characteristics, no timeout is set by default.tls:
maverics:
certFile: /etc/certs/maverics.sonarsystems.co.crt
keyFile: /etc/certs/maverics.sonarsystems.co.key
http:
address: :443
tls: maverics
readHeaderTimeoutSeconds: 5