HashiCorp Vault configuration settings
The TOML configuration file used to retrieve the encryption key from HashiCorp Vault and configure secure communication using TLS when configuring encrypted storage.
| Configuration setting | Required/Optional | Description |
|---|---|---|
hashicorp.serverHost | Required | Host address of HashiCorp Vault. |
hashicorp.serverPort | Required | Port number of HashiCorp Vault. |
hashicorp.token | Required | Root token generated when starting HashiCorp Vault. |
hashicorp.keyPath | Required | Path to the stored encryption key. |
hashicorp.keyName | Optional | Name of the stored encryption key. The default is value. |
hashicorp.timeout | Optional | Timeout in milliseconds. The default is 10000 (10 seconds). |
hashicorp.tlsEnable | Optional | Enable a TLS connection between Hyperledger Besu and HashiCorp Vault server. The default is true. |
hashicorp.tlsVerifyHost | Optional | Verify the host name on the certificate matches the server. If they do not match, the connection is denied. If TLS is enabled, the default is true. |
hashicorp.tlsTrustStoreType | Optional | Type of trust store. Supported types include PEM, PKCS12, and JKS. |
hashicorp.tlsTrustStorePath | Optional | Location of the trust store. |
hashicorp.tlsTrustStorePassword | Optional | Trust store password. Required if the trust store type is JKS or PKCS12. |