client.conf¶
System configuration of NDN platform is specified in client.conf.
The configuration file client.conf is looked up in several directories in the following order:
- $HOME/.ndn/: user-specific settings
- @SYSCONFDIR@/ndn/ (/usr/local/etc/ndn, /opt/local/etc/ndn, or other, depending how the library is configured): system-wide settings
- /etc/ndn: default system-wide settings
Here is an example of client.conf for current ndn-cxx package:
; "transport" specifies Face's default transport connection.
; The value is a unix or tcp4 scheme Face URI.
;
; For example:
;
; unix:///var/run/nfd.sock
; tcp://192.0.2.1
; tcp4://example.com:6363
transport=unix:///var/run/nfd.sock
; "pib" determines which Public Info Base (PIB) should used by default in applications.
; If "pib" is not specified, the default PIB will be used.
; Note that default PIB could be different on different system.
; If "pib" is specified, it may have a value of:
; pib-sqlite3
; pib=pib-sqlite3
; "tpm" determines which Trusted Platform Module (TPM) should used by default in applications.
; If "tpm" is not specified, the default TPM will be used.
; Note that default TPM could be different on different system.
; If "tpm" is specified, it may have a value of:
; tpm-osxkeychain (default in OS X)
; tpm-file (default in operating systems other than OS X)
; tpm=tpm-file
NFD¶
- transport
FaceUri for default connection toward local NDN forwarder. Only unix and tcp4 FaceUri can be specified here.
By default, unix:///var/run/nfd.sock is used.
- ..note::
- This value can be overriden using NDN_CLIENT_TRANSPORT environment variable.
Key Management¶
- pib
The public key information for each private key stored in TPM. The format for this setting is:
pib=[scheme]:[location]
Possible values for [scheme]:
pib-sqlite3: local PIB implementation with SQLite3 storage engine
Possible values for [location]:
- absolute path where SQLite3 database will be stored
- relative path (relative to config.conf)
- empty: default path $HOME/.ndn will be used
When [location] is empty, trailing : can be omitted. For example:
pib=pib-sqlite3
Changing PIB scheme without changing location is not allowed. If such change is necessary, the whole backend storage must be destroyed. For example, when default location is used:
rm -rf ~/.ndn/ndnsec-*
It’s not recommended to share the same directory between machines, e.g. via NFS. Simultaneous access from multiple machines may cause errors.
- ..note::
- This value can be overriden using NDN_CLIENT_PIB environment variable.
- tpm
Trusted Platform Module (TPM) where the private keys are stored. The format for this setting is:
tpm=[scheme]:[location]
Possible values for [scheme]:
tpm-osx-keychain (default on OS X platform): secure storage of private keys in OS X Keychain with OS-provided access restrictions.
[location] parameter is ignored.
May not work for daemon applications, as user interaction may be required to access OS X Keychain.
tpm-file (default on all other platforms): file-based storage of private keys
Possible values for [location]:
- absolute path to directory that will store private/public key files (unencrypted with 0700 permission)
- relative path (relative to config.conf)
- empty: default path $HOME/.ndn/ndnsec-tpm-file will be used
When [location] is empty, trailing : can be omitted. For example:
tpm=tpm-file
Change of ``tpm`` setting is only possible together with ``pib`` setting. Otherwise, an error will be generated during PIB/TPM access
It’s not recommended to share the same directory between machines, e.g. via NFS. Simultaneous access from multiple machines may cause errors.
- ..note::
- This value can be overriden using NDN_CLIENT_TPM environment variable.