SignBuilder: Configuration

Environment Variables

Configure the following environment variables to customize your instance.

Key	Description	Value example
PDFSIGN_BACKEND_LICENSE	License value	Base64 String
AWS_ACCESS_KEY_ID	AWS key ID, when this resource is enabled.	AKIADDODSSFFFFEERWSGA5Z
AWS_SECRET_ACCESS_KEY	AWS access key, when this resource is enabled.	+kl/fserfasdrek42werwjrwerkwekrwe22reer

Volumes

The following volumes can be mounted on the Docker image to overwrite the variables.

Source (host)	Path (container)	Description
./config	/opt/pdf-signer-backend/config	Configuration directory
./logs	/opt/pdf-signer-backend/logs	Log directory
./file-cache	/opt/pdf-signer-backend/file-cache	Temporary files repository

Configuration files

The following files define app behavior.

File	Description	Default Value
application.properties	Main application configuration.
log4j2.xml	Log configuration.
keystore.p12	Keystore, in pkcs12 format, used to configure HTTPS connection.

Application.properties

# PDF SIGNER

# ------------------------------------------
# Clean up pre-signed cacha files
# Schedule interval (seconds,  60sec*10min = 600)
# Disabled == 0; When disabled, external process must be implemented to erase files.
pdfsigner.phase-one.cleaner-interval-seconds=1200

# When a file is considered to be erased (in seconds)
# 600sec = 10min
pdfsigner.phase-one.expiration-seconds=3600

# Directory where signed PDF files are stored.
# This directory must be cleaned up by the host server.
pdfsigner.phase-three.directory=./file-cache

# ------------------------------------------
# Log file.
# A full documentation can be found in https://logging.apache.org/log4j/2.x/manual/index.html
logging.config=config/log4j2.xml

# ------------------------------------------
# SSL support
# Enable SSL port support. Certificate should be replaced by a trusted certificate.
# server.port=8443
# server.ssl.key-store-type=PKCS12
# server.ssl.key-store=config/keystore.p12
# server.ssl.key-store-password=123456
# server.ssl.key-alias=pdf-signer
# security.require-ssl=true

# ------------------------------------------
# Service timeout (in miliseconds)
spring.mvc.async.request-timeout=60000

# ------------------------------------------
# Maximum size of files or multipart files to be uploaded
# This value present performance problems
# Set -1 for infinite upload size
spring.servlet.multipart.max-file-size=5MB
spring.servlet.multipart.max-request-size=5MB

# ------------------------------------------
# This access key prevent access to some endpoints and it will replared by API-Key in the future.
pdfsigner.access-key=f199412d-xxxxx-4df6-a547-xxxxxxxxxxx

# ------------------------------------------
# Enable AWS S3 storage.
# The following environment variables must be defined to allow the access to the S3 resources.
#  - AWS_ACCESS_KEY_ID 
#  - AWS_SECRET_ACCESS_KEY
# Follow AWS S3 documentation to obtain this values.
pdfsigner.s3.enabled=true
# Temp cache folder in S3
pdfsigner.s3.tmp-directory=pdf-signer/desa/tmp
# Bucket and object used to check if the resource is reachable.
pdfsigner.s3.healthcheck.bucket=your-tenant-name
pdfsigner.s3.healthcheck.key=desa/health/health.png

# ------------------------------------------
# Enabled CORS header domain
# This list must be a ; separated list of URLs
# ex:http://localhost:8080;https://desa-api-signer.certisur.net
# default value: http://localhost:8080
pdfsigner.cors.allowed-origins=http://localhost:8080;https://desa-api-signer.yourdomain

# ------------------------------------------
# Swagger documentation
springdoc.api-docs.path=/documentation
springdoc.swagger-ui.path=/swagger-ui-custom.html

# ------------------------------------------
# Monitor / Health check follow Actuator definitions like
# https://docs.spring.io/spring-boot/docs/current/reference/html/actuator.html#actuator.enabling
management.endpoints.web.base-path=/monitor
management.endpoints.web.exposure.include=health,info,metrics
management.endpoint.health.show-details=always
#management.endpoints.web.cors.allowed-origins=http://localhost:8080
#management.endpoints.web.cors.allowed-methods=OPTIONS, GET, POST
#management.endpoints.web.cors.allowed-headers=*

Log configuration

<?xml version="1.0" encoding="UTF-8"?>
<Configuration status="DEBUG">
	<Properties>
        <Property name="LOG_PATTERN">
            %d{yyyy-MM-dd HH:mm:ss.SSS} %5p ${hostName} --- [%15.15t] %-40.40c{1.} : %m%n%ex
        </Property>
    </Properties>
    <Appenders>
    	<Console name="ConsoleAppender" target="SYSTEM_OUT">
            <PatternLayout pattern="${LOG_PATTERN}"/>
        </Console>
		<RollingFile name="FileAppender" 
					 fileName="logs/pdf-signer-backend.log" 
					 filePattern="logs/pdf-signer-backend-%d{MM-dd-yyyy}.log">
			<PatternLayout pattern="${LOG_PATTERN}"/>
			<Policies>
		        <SizeBasedTriggeringPolicy size="20 MB"/>
		    </Policies>
		    <DefaultRolloverStrategy max="20"/>
		</RollingFile>
    </Appenders>
    <Loggers>
    	<Root level="info">
    		<AppenderRef ref="ConsoleAppender"/>
            <AppenderRef ref="FileAppender"/>
        </Root>
        <Logger name="com.certisur" level="debug" additivity="false">
        	<AppenderRef ref="ConsoleAppender"/>
            <AppenderRef ref="FileAppender"/>
        </Logger>
    </Loggers>
</Configuration>

.

CertiSur Products Suites

SignBuilder: Configuration

Analytics

Environment Variables

Volumes

Configuration files

Related content