Available technical configuration parameters

Default administrator account name

Default administrator account display name

Relative path of the file where the initial admin password should be stored into

Length (in bytes) of the initial admin password

Default administrator account identity provider to use

Duration after which the bootstrap of Stream times out

Interval at which CRL synchronization occurs

How to set max-age cache directive on crl fetch: one of 'disabled', 'nextrefresh' or a duration

Default max-age duration in 'nextrefresh' mode when the CRL has no next refresh planned

Max allowed size on applicative side for CRL uploads

Name of the HTTP header containing the certificate

Allow only certificate authentication

Time to live of the events. If not set, events never expire

Specify whether to chain and sign the Stream events to ensure they haven’t been tampered with

Algorithm to use to hash the signature of the events in Stream (other possible values are "HS384" and "HS256")

Secret to seal the events with

Do not throw an error if pending events are unsealed

Enable to remove stacktraces from Stream events

Duration after which the event manager times out when trying to retrieve the last signed event in the database

How often will the Event Manager actor check in the database if new a new event appeared to sign it and display it in the "Events" section of Stream

If set to true, enforces the use of the serverAuth EKU in the server authentication certificates (when Stream accesses a service through TLS)

Timeout to check trust status of certificates

Time after which an entry in the CRL cache expires for external CAs

Time after which an entry in the CRL cache expires for managed CAs

Interval at which CRL Info are synchronized in trust manager

Duration after which the security manager times out when trying to authenticate a principal with its session

Local accounts password length

How long the authentication cache lasts

Timeout for operations using keystores (generating CSR, listing keys, etc ..)

Delay when reloading pkcs11 keystores after an error

Interval at which keystore status is checked

List of names of keystores that are required to consider the instance ready

Timeout to register the queues in actors

Number of parallel requests (enrollment, revocation, ocsp, timestamping…) on the default queue

Number of requests (enrollment, revocation, ocsp, timestamping, crl, krl) that can be queued on the default queue

Enable advanced metrics for collection

Interval at which short lived metrics are computed

Interval at which background metrics are computed

Timeout for registering the triggers in actors

Timeout for registering the NTP Clients in actors

Timeout for the system monitor loading

Maximum recursion allowed for the SQL (Stream Query Language) queries

Defines whether HTTP connections should remain open

Name of the HTTP header to use as Real IP

Interval at which KRL synchronization occurs

How to set max-age cache directive on krl fetch: one of 'disabled', 'nextrefresh' or a duration

Default max-age duration in 'nextrefresh' mode when the KRL has no next refresh planned

Path to the keyset for secrets encryption

Master key URI to encrypt the keyset with

Timeout for processing OCSP requests and starting OCSP actors

Max allowed size for OCSP requests

Default time for OCSP response next update when no crl refresh is available

Separator character of the OpenID state

Size (in bytes) of the challenge stored in the nonce

Duration for which a nonce stays in Horizon before being removed

Timeout for registering the SSH Certificate Authorities in actors

The Timeout of SSH CA actions

How many elements to retrieve in a security principals search query if no pageSize has been specified

How big can the pageSize parameter be in a security principals search query (Must be a positive integer)

How many elements to retrieve in an event search query if no pageSize has been specified

How big can the pageSize parameter be in an event search query (Must be a positive integer)

How many elements to retrieve in a X509 certificate search query if no pageSize has been specified

How big can the pageSize parameter be in a X509 certificate search query (Must be a positive integer)

How many elements to retrieve in a SSH certificate search query if no pageSize has been specified

How big can the pageSize parameter be in a SSH certificate search query (Must be a positive integer)

Timeout to register signers and process responses

Timeout to register timestamping authorities in actors

Max allowed size for timestamping requests

Timeout for registering the X509 Certificate Authorities in actors

The Timeout of X509 CA actions