Differences

This shows you the differences between two versions of the page.

tutorial:adm:czechidm_installation_win [2020/06/10 17:01]
apeterova fake certificate
tutorial:adm:czechidm_installation_win [2020/10/01 14:45]
urbanl [Configure environment properties. Select application profile]
Line 27: Line 27:
   * Add ''C:\CzechIdM\etc;C:\CzechIdM\lib;C:\CzechIdM\lib\\*;'' to the **beginning of the** ''CLASSPATH''. If you followed the [[tutorial:adm:server_preparation_win|]] guide, this should already be in place.   * Add ''C:\CzechIdM\etc;C:\CzechIdM\lib;C:\CzechIdM\lib\\*;'' to the **beginning of the** ''CLASSPATH''. If you followed the [[tutorial:adm:server_preparation_win|]] guide, this should already be in place.
   * Add ''-Dspring.profiles.active=production'' to the ''Java options''.   * Add ''-Dspring.profiles.active=production'' to the ''Java options''.
- 
-=== Change Tomat logging properties === 
- 
-In order to set-up log rotation we need stop logging to stdout and start logging to catalina.log . 
- 
-Make these changes in file ''C:\Program Files\Apache Software Foundation\Tomcat 8.5\conf\logging.properties'': 
-Comment out console handler. We don't want tomcat to log to stdout or stderr. 
-<code> 
-handlers = 1catalina.org.apache.juli.AsyncFileHandler, 2localhost.org.apache.juli.AsyncFileHandler, 3manager.org.apache.juli.AsyncFileHandler, 4host-manager.org.apache.juli.AsyncFileHandler 
-#handlers =  java.util.logging.ConsoleHandler 
- 
-.handlers = 1catalina.org.apache.juli.AsyncFileHandler 
-#.handlers = java.util.logging.ConsoleHandler, 
- 
-#java.util.logging.ConsoleHandler.level = FINE 
-#java.util.logging.ConsoleHandler.formatter = org.apache.juli.OneLineFormatter 
-</code> 
-In 1catalina file handler change log level to "INFO" and prefix from "catalina" to "tomcat". Also set property rotable to "false". Tomcat write to this file only when starting or shutting down. 
-<code> 
-#1catalina.org.apache.juli.AsyncFileHandler.level = FINE 
-#1catalina.org.apache.juli.AsyncFileHandler.prefix = catalina. 
-1catalina.org.apache.juli.AsyncFileHandler.level = INFO 
-1catalina.org.apache.juli.AsyncFileHandler.directory = ${catalina.base}/logs 
-1catalina.org.apache.juli.AsyncFileHandler.prefix = tomcat 
-1catalina.org.apache.juli.AsyncFileHandler.rotatable = false 
-1catalina.org.apache.juli.AsyncFileHandler.suffix = .log 
-</code> 
- 
  
 ==== Create CzechIdM configuration folders ==== ==== Create CzechIdM configuration folders ====
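Review bot: Nothing in the visible lines replaces the log setup deleted between the ''Java options'' bullet and "Create CzechIdM configuration folders", so a reader following this page no longer learns that the ConsoleHandler should be commented out or that the 1catalina handler needs ''prefix = tomcat'' and ''rotatable = false'' for rotation to work. If these steps now live on another page, leave a one-line link in their place. If they were dropped on purpose, say which logging configuration the guide now expects, since the Tomcat logs are what an administrator falls back on when investigating an incident.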
Line 243: Line 215:
  
 There are two properties in application-production.properties that influence the confidential storage: There are two properties in application-production.properties that influence the confidential storage:
-  * You can set the 128bit (16byte) key directly in the property file using **cipher.crypt.secret.key** property or+  * You can set the 128bit (16byte) or 256bit (32byte) key directly in the property file using **cipher.crypt.secret.key** property or
   * you can create separate file (in our case **secret.key**) containing a random string. Then you reference this file with **cipher.crypt.secret.keyPath** property.   * you can create separate file (in our case **secret.key**) containing a random string. Then you reference this file with **cipher.crypt.secret.keyPath** property.
 <note warning>On Windows, you have to use separate file **secret.key**.</note> <note warning>On Windows, you have to use separate file **secret.key**.</note>
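Review bot: The 256bit (32byte) option is added only to the first bullet, for **cipher.crypt.secret.key**, while the second bullet still describes the **secret.key** file as "containing a random string" with no length stated. Because the warning right below makes the separate file mandatory on Windows, the size requirement should be repeated there, for example "a random string of exactly 16 or 32 bytes", so that Windows readers do not create a key file of arbitrary length.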
Line 249: Line 221:
 <note warning>CzechIdM doesn't contain any default key for crypt confidential storage. Please define it before you start using the IdM.</note> <note warning>CzechIdM doesn't contain any default key for crypt confidential storage. Please define it before you start using the IdM.</note>
  
-Confidential storage uses AES/CBC/PKCS5Padding ([[https://docs.oracle.com/javase/7/docs/api/javax/crypto/Cipher.html|more info]]) algorithm which operates with 128bit key.+Confidential storage uses AES/CBC/PKCS5Padding (more info) algorithm which operates with 128bit or 256bit key. 
  
 === Attachment store === === Attachment store ===
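Review bot: The rewritten sentence keeps the text "(more info)" but drops the link markup that pointed to the Cipher API documentation, leaving a parenthetical with no target. Either restore the link (''[[...|more info]]'') or remove the parenthetical, so that the reference for AES/CBC/PKCS5Padding and its key sizes stays reachable from this page.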
  • by fiserp