Runtime Properties
To configure your runtime instance there is a properties file available in the data folder of your runtime installation.
The properties file is located at <Runtime Data Folder>/conf/runtime.properties.
The properties described in this document are all required to be present in the runtime.properties file unless specified otherwise.
Server Configuration
Server properties control the behaviour of the runtime server.
# ----------------------------------------
# SERVER PROPERTIES
# ----------------------------------------
server.port=7070
server.thread-pool.size=5
Database Configuration
Properties prefixed with db should not be changed once the runtime is up and running; they are provided only to configure the initial database settings.
Warning: Editing these settings is considered an advanced feature and regular users should not have to do this.
# ----------------------------------------
# DATABASE PROPERTIES
# ----------------------------------------
# Database properties for the Runtime service database
# Username that should be used to access the runtime database.
db.username= {username}
# Password used to access the runtime database, can be empty to prevent access from outside sources.
db.password= {password}
# Port that the runtime database should use
db.port= {port number}
# Connection string used to connect to the runtime database (ex. jdbc:hsqldb:hsql://localhost/runtime)
db.url= {connection string}
# Dialect used by hibernate to construct queries (ex. org.hibernate.dialect.HSQLDialect)
db.dialect= {hibernate dialect}
# Database driver class (ex. org.hsqldb.jdbcDriver )
db.driver= {driver class name}
Security Configuration
These settings are used to configure the token-based security options for accessing the runtime API and web application.
These properties are optional and defaults will be used when they are not present.
# ----------------------------------------
# SECURITY PROPERTIES
# ----------------------------------------
# The time it takes before access tokens are invalidated in minutes.
#service.access-token.expiration_min={expiration}
# The time it takes before refresh tokens are invalidated in minutes.
# The expiration time of refresh tokens should be longer than the expiration time of access tokens.
#service.refresh-token.expiration_min={expiration}
Agent Configuration
Settings for agent startup and communication.
Warning: properties prefixed with 'broker.' should only be changed when a runtime agent is not running on the same machine as the runtime service. This feature is currently unsupported.
# ----------------------------------------
# AGENT PROPERTIES
# ----------------------------------------
# Agent communication settings.
broker.stomp.port=61613
broker.stomp.host=localhost
broker.jms.port=61616
broker.jms.host=localhost
# Automatically start agents when the service starts, defaults to true.
agents.autostart=true
agents.scheduler.interval_ms=100
Database encryption
The Runtime server supports encryption for its embedded database, which stores information about environments, projects, and connections.
Warning: Encryption must be enabled during the initial setup of a new Runtime instance. Existing instances that are already configured cannot be encrypted retroactively.
# First a key must be created for the desired cipher and
# configuration using an external tool, such as openssl, or by calling the
# HyperSQL function CRYPT_KEY(<cipher spec>, <provider>).
db.cryptKey = {key} REQUIRED
# Some modes of operations require an initialization vector (IV) to be passed in as a hex string.
# This hex can be generated using an external tool, such as openssl, or randomly generated by the user.
db.cryptIv = {iv} OPTIONAL
# The type of cryptography used to generate the key.
db.cryptType = {type} OPTIONAL
Examples
db.cryptKey=604a6105889da65326bf35790a923932
db.cryptIv=9AB7A109507CD27BEADA2AE59BCEEF08
db.cryptType=AES/CBC/PKCS5Padding
Examples
Using OpenSSL:
openssl enc -aes-128-cbc -k RANDOM_PASSPHRASE -P -md sha256
Using external tool
Documentation
For a more extensive description of the encryption functionality, you can refer to the HSQLDB documentation at
http://hsqldb.org/doc/2.0/guide/management-chapt.html#mtc_encrypted_database
SSL
Runtime supports SSL configuration to secure communications. The following settings can be modified in the runtime.properties file:
# ----------------------------------------
# SSL PROPERTIES
# ----------------------------------------
#server.ssl.enabled=true
# The format used for the keystore. It could be set to JKS in case it is a JKS file
#server.ssl.key-store-type=PKCS12
# The path to the keystore containing the certificate
#server.ssl.key-store=path-to-keystore
# The password to access the keystore
#server.ssl.key-store-password=xxx
# The alias mapped to the certificate in the keystore
#server.ssl.key-alias=
Application Verification
In addition to Database Encryption, Runtime also includes support for Application Verification as an added layer of security. This feature ensures the integrity of uploaded applications by verifying their authenticity and detecting unauthorized modifications.
# ----------------------------------------
# Application verification PROPERTIES
# ----------------------------------------
# The application verification mode. Possible values are:
# - none: No verification is done.
# - restricted: Only signed applications are allowed to be uploaded and deployed.
# - warning: Packages are verified but only a warning is given when verification fails.
app.application-verification-mode=none
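A check for the security-related constraints stated on this page (refresh tokens outliving access tokens, hex key and IV for the database cipher, the three verification modes), written as an added example that is not part of the Runtime product or its documentation. The parser is a simplified key=value reader, the AES key and IV lengths are general AES facts rather than values from this page, and the sample input is constructed.

```python
import re

AES_KEY_HEX_LENGTHS = {32, 48, 64}  # 128/192/256-bit keys written as hex
VERIFICATION_MODES = {"none", "restricted", "warning"}  # values listed on this page
HEX = re.compile(r"[0-9a-fA-F]+")
# Constructed sample input, not taken from a real installation.
SAMPLE = """\
service.access-token.expiration_min=60
service.refresh-token.expiration_min=30
db.cryptKey=00112233445566778899aabbccdd
db.cryptType=AES/CBC/PKCS5Padding
app.application-verification-mode=warning
"""

def parse_properties(text):
    """Simplified parser (assumption): key=value lines, '#' comments skipped."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def lint(props):
    findings = []
    access = props.get("service.access-token.expiration_min")
    refresh = props.get("service.refresh-token.expiration_min")
    if access and refresh and int(refresh) <= int(access):
        findings.append("refresh token expiration is not longer than access token expiration")
    ctype = props.get("db.cryptType", "").upper()
    key, iv = props.get("db.cryptKey"), props.get("db.cryptIv")
    if key is not None and not HEX.fullmatch(key):
        findings.append("db.cryptKey is not a hex string")
    elif key is not None and ctype.startswith("AES") and len(key) not in AES_KEY_HEX_LENGTHS:
        findings.append("db.cryptKey is not 32, 48 or 64 hex characters (AES key sizes)")
    if ctype.startswith("AES/CBC"):
        if iv is None:
            findings.append("db.cryptType uses CBC but db.cryptIv is not set")
        elif not HEX.fullmatch(iv) or len(iv) != 32:
            findings.append("db.cryptIv must be 32 hex characters for AES/CBC")
    mode = props.get("app.application-verification-mode")
    if mode not in VERIFICATION_MODES:
        findings.append("app.application-verification-mode is missing or not a listed value")
    elif mode != "restricted":
        findings.append(f"verification mode '{mode}' does not block unsigned applications")
    return findings

if __name__ == "__main__":
    print("\n".join(lint(parse_properties(SAMPLE))))
```

Token lifetimes are only compared when both optional properties are present, since the page does not state their defaults.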