This page explains configuration options for service components:
For more details about the Orchestrator see the Automatic Key Lifecycle Rotation guide.
Properties file Section: Orchestrator
The orchestrator section configures the Orchestrator service, which manages key lifecycle events: rotation or expiration extension of keys. There’re the following parameters:
| Property | Description |
|---|---|
orchestrator.timer.enabled |
Enables or disables the Orchestrator service. Example: false
|
orchestrator.timer.seconds |
How frequently Orchestrator tasks are checked and potentially run. Example: 60
|
orchestrator.batch.size |
The number of items to process in a single Orchestrator run. Example: 50
|
orchestrator.key.pair.lifecycle.processor |
Type of key pair lifecycle processor. The possible values are: ExtendKeyPairExpirationLifecycleProcessor and RotateKeyPairLifecycleProcessor.Example: ExtendKeyPairExpirationLifecycleProcessor
|
orchestrator.key.pair.expiration.threshold.days |
A threshold for the number of days before key expiration, which indicates that automatic action on such a key should be taken. For example, when set to 60, keys that expire 61 days from now or later will not be acted upon, and keys expiring 60 days from now or less (including already expired keys) will be acted upon.Example: 60
|
orchestrator.key.pair.expiration.target.months |
The number of months to prolong key validity for, only set this when using ExtendKeyPairExpirationLifecycleProcessor.Example: 12
|
You can follow a comprehensive guide on how to enable the EAP orchestrator service to perform automatic lifecycle actions on key-pairs.