To configure your runtime instance there is a properties file available in the data folder of your runtime installation.

The properties file is located at '<Runtime Data Folder>/conf/runtime.properties'

The properties described in this document are all required to be present in the runtime.properties file unless specified otherwise.

Server Configuration

Server properties can be changed to change the behaviour of the runtime server.

# Port the runtime service should use
server.port= {port number} 
YML

Database Configuration

Properties prefixed with db should not be changed when runtime is already up and running, they are only made available to configure the initial database settings.

Warning: Editing these settings is considered an advanced feature and regular users should not have to do this.

# Username that should be used to access the runtime database.
db.username= {username} 
# Password used to access the runtime database, can be empty to prevent access from outside sources.
db.password= {password} 
# Port that the runtime database should use
db.port= {port number} 
# Connection string used to connect to the runtime database (ex. jdbc:hsqldb:hsql://localhost/runtime)
db.url= {connection string} 
# Dialect used by hibernate to construct queries (ex. org.hibernate.dialect.HSQLDialect)
db.dialect= {hibernate dialect} 
# Database driver class (ex. org.hsqldb.jdbcDriver )
db.driver= {driver class name}
YML


Security Configuration

These settings are used to configure the token-based security options for accessing the runtime API and web application.

These properties are optional and defaults will be used when they are not present.

# Login token key is used as a base for generating unique login tokens for this application, can be any valid text value.
# Changing this value will invalidate all logins made with the current key
# Runtime will by default generate a random key each time the service is started. Set the key to a static value to enable persistent logins.
app.loginTokenKey= {secure key}
# Login tokens will be invalid after X seconds, default is 86400 seconds(1 day).
# For security reasons we advise to set the expiration date to a maximum of 1 week.
# Changing this value will only affect newly created tokens.
app.loginExpirationInSeconds= {seconds}
YML

Agent Configuration

Settings concerning agent startup and communication settings.

Warning: properties prefixed with 'broker.' should only be changed when a runtime agent is not running on the same machine as the runtime service. This feature is currently unsupported.

# Automatically start agents when the service starts, defaults to true.
agents.autostart= {true or false}
# Agent communication settings.
broker.stomp.port=61613
# Agent communication settings.
broker.stomp.host=localhost
# Agent communication settings.
broker.jms.port=61616
# Agent communication settings.
broker.jms.host=localhost
YML

Database encryption

The runtime server supports encryption of the embedded database used to store information about environments/projects and connections.

Warning: Encryption should be configured only on new runtime instances, already configured instances cannot be encrypted.

# First a key must be created for the desired cipher and
# configuration using an external tool, such as openssl, or by calling the
# HyperSQL function CRYPT_KEY(<cipher spec>, <provider>).
db.cryptKey = {key} REQUIRED
# Some modes of operations require an initialization vector (IV) to be passed in as a hex string. 
# This hex can be generated using an external tool, such as openssl, or randomly generated by the user.
db.cryptIv = {iv} OPTIONAL
# The type of cryptography used to generate the key.
db.cryptType = {type} OPTIONAL

Examples
db.cryptkey=604a6105889da65326bf35790a923932
db.cryptIv=9AB7A109507CD27BEADA2AE59BCEEF08
db.cryptType=AES/CBC/PKCS5Padding
YML

Examples

Using openssl

openssl enc -aes-128-cbc -k RANDOM_PASSPHRASE -P -md  sha256
CODE


Using external tool


https://asecuritysite.com/encryption/keygen


Documentation

For a more extensive description of the encryption functionality, you can refer to the hsqldb documentation at

http://hsqldb.org/doc/2.0/guide/management-chapt.html#mtc_encrypted_database*