Instance Parameters in Configuration Files
This topic describes structure of the .ini configuration files.
Structure of .ini files
The flowforce.ini file has the following structure:
[Listen]
active=1
host=127.0.0.1
port=4646
hostname=
[ListenSSL]
active=1
SSL=1
host=0.0.0.0
port=4647
hostname=
[SSL]
certificate=/path/to/certificate.crt
private_key=/path/to/private_key.key
certificate_chain=/path/to/certificate_chain
[Master]
host=0.0.0.0
port=4645
active=1
The flowforceweb.ini file has the following structure:
[Listen]
active=1
host=0.0.0.0
port=8082
hostname=example.domain.org
[ListenSSL]
active=1
SSL=1
host=0.0.0.0
port=8083
hostname=example.domain.org
[SSL]
certificate=path/to/certificate.crt
private_key=path/to/private_key.key
certificate_chain=/path/to/certificate_chain
[FlowForce]
host=127.0.0.1
port=4646
hostname=
The .ini files are organized into sections. For details, see the subsections below.
The [Listen] section defines the HTTP connection settings. You can define multiple [Listen] sections. Each [Listen] section must begin with Listen (e.g., [ListenSSL]). The available parameters are listed below.
active | (Optional) Activates or deactivates the current [Listen] section. The valid values are 0 (disabled) and 1 (enabled). For example, active=1 means that HTTP connections are enabled.
|
host | Specifies the network bind address of FlowForce (Web) Server (e.g., 127.0.0.1). This can be an IPv4 or IPv6 address. Use 0.0.0.0 to listen on all interfaces. For local access only, use 127.0.0.1.
|
port | Specifies the port on which FlowForce (Web) Server will listen. Make sure to specify the port that is not in use yet.
If the binding address (interface) is non-local, you may need to configure the operating system's firewall so as to enable access through the designated port.
|
hostname | The Host name field, if non-empty, sets a fixed host name that is used for the binding. It sets the name of the machine running FlowForce Web Server, and other machines on the network will use this name to connect to it. FlowForce automatically detects the appropriate host name to use. If you set this field explicitly, then automatic detection will be overridden. Depending on the network configuration in your organization, you may need to use a value such as somehost or somehost.example.org.
The host name associated with a binding is used for SSL (see Enable SSL for FlowForce Server/Web Server) and by Altova ServiceController* on Windows. If SSL is enabled, the host name must match the Common Name property of the certificate.
* Altova ServiceController is an application that enables you to conveniently start, stop, and configure Altova services on Windows systems.
|
This option enables you to specify the maximum size, in bytes, of HTTP requests to FlowForce Server/Web Server (e.g., max_request_body_size=500000000). The default limit is around 100 MB (100,000,000 bytes). You may need to set this option explicitly in the following situations:
1.If you call FlowForce Web services exposed as jobs and the HTTP request body is larger than the default limit. 2.If you deploy mappings from MapForce to FlowForce Server and the input files are larger than the default limit.
For Case 1 above, the option must be set only in the flowforce.ini file. For Case 2, the option must be set in both flowforce.ini and flowforceweb.ini files.
|
This section enables you to configure the encrypted HTTPS connection settings. Besides all the parameters listed in the [Listen] section above, the [ListenSSL] section also has the ssl parameter that can be used to enable SSL support. The valid values are 0 (disabled) and 1 (enabled). If you enable SSL, the [SSL] section is required (see below).
[SSL]
The [SSL] section defines the SSL/HTTPS connection settings. This section is required if the HTTPS interface is active (see [ListenSSL] above). The available parameters are listed below.
certificate | Specifies the absolute path of the certificate file in PEM format.
|
private_key | Specifies the absolute path of the private key file in PEM format.
|
certificate_chain | (Optional) The path to the certificate chain file.
|
[FlowForce]
The [FlowForce] section applies only to FlowForce Web Server (flowforceweb.ini). This section enables you to configure the connection settings between FlowForce Web Server and FlowForce Server. This section must match the [Listen] section in flowforce.ini. The available parameters are described below.
host | Specifies the IP address or host name of FlowForce Server. If FlowForce Server is not bound to all interfaces, this value must be the same as in the [Listen] section of flowforce.ini; otherwise, the value of the host parameter will be 127.0.0.1. If SSL is enabled, this value must match the Common Name property of the certificate configured in the [SSL] section of flowforce.ini.
|
port | Specifies the TCP port on which FlowForce Web Server will connect to FlowForce Server. This value must be the same as in the corresponding [Listen] or [ListenSSL] section of flowforce.ini. If SSL is enabled on this port, the host and hostname (or just the host if the hostname is not present) must match the Common Name property of the certificate configured in the [SSL] section of flowforce.ini.
|
hostname | If non-empty, this field sets a fixed host name that is used by other machines on the network to connect to FlowForce jobs that are exposed as Web services. You may need to use a value like somehost or somehost.example.org, depending on the network configuration in your organization.
The host name is also used by Altova ServiceController*. If you do not set the host name, FlowForce detects automatically the first appropriate host name that will be used by Altova ServiceController.
If the hostname is configured, the FlowForce Web interface may show clickable links to navigate to jobs exposed as Web services, including links in the Active Triggers and Services section of the Home page. Also, the Call Web Service button becomes available in the Service section of the job configuration page. This button enables you to call a Web service in a new browser window.
* Altova ServiceController is an application that enables you to conveniently start, stop, and configure Altova services on Windows systems.
|
certificate | (Optional) Specifies the server certificate that will be accepted by FlowForce Server. If no certificate is given, the system root CA certificates will be used to verify the server certificate. If present, this value must match the certificate that FlowForce Server is using (specified in the flowforce.ini file).
|
ssl | (Optional) Enables SSL support for the connection between FlowForce Web Server and FlowForce Server. The valid values are 0 (disabled) and 1 (enabled).
|
[FlowForceWeb]
This section applies only to FlowForce Web Server (the flowforceweb.ini file).
timezone | Specifies the default time zone of FlowForce Web Server (e.g., timezone=Europe/Berlin). You can also configure the default time zone in the Settings on the Administration page.
|
[Master] (Advanced Edition)
This section applies only to the flowforce.ini file. It is relevant when multiple FlowForce Server instances run in a cluster, and the current instance is the master instance (see Cluster).
active | Enables encrypted connection to this master instance. The valid values are 0 (disabled) and 1 (enabled).
|
binding address | Specifies the binding address of the master FlowForce Server instance. Use 0.0.0.0 to listen on all interfaces.
|
port | The port on which this master instance listens to requests from worker instances.
|
Encrypted connections between FFS and FFW
To enable encrypted connections between FlowForce Server and FlowForce Web Server, you need to configure flowforce.ini and flowforceweb.ini as shown below.
flowforce.ini
[ListenSSL]
active=1
ssl=1
host=0.0.0.0
port=4647
hostname=server.my.domain.com
[SSL]
certificate=C:\secure\flowforce.crt
private_key=C:\secure\flowforce.key
certificate_chain=
The port value 4647 refers to the default port for encrypted connections. The paths in the [SSL] section point to the locations of the certificate and private key for FlowForce Server.
flowforceweb.ini
[FlowForce]
host=127.0.0.1
port=4647
ssl=1
certificate=C:\secure\flowforce.crt
The host in this case is 127.0.0.1, because the communication between FFS and FFW is local. The port points to the port where FFS accepts encrypted connections, i.e., 4647. The certificate parameter refers to the local path of the FFS certificate file (or the path of the common certificate of FFS and FFW if they are using the same).