Configuration
Caution
The Domino server task communicates with the REST API through the KeepManagementURL. It has a default value of http://localhost:8889. You can overwrite this setting in the notes.ini by editing, or creating if missing, the entry KeepManagementURL (case sensitive). Having configured a TLS certificate, you need to make sure the entry starts with https:// and uses the host name your TLS certificate has been issued for. localhost, 127.0.0.1 or ::1 won't work. Configuring TLS doesn't change the port. So when you host, your TLS certificate is issued for, is domino.demo.com and your old entry was missing or is the default of http://localhost:8880, then your new value needs to be: https://domino.demo.com:8889.
Domino REST API comes with reasonable default configuration settings. They allow you to start evaluating and testing out-of-the-box. For an actual deployment, you want to understand the details as outlined here.
Understanding configuration
The configuration follows the concept of an Overlay File System, where the base configuration is retrieved from the jar file and then overlaid with all the JSON files (if present) in the keepconfig.d directory within the Notes data directory and finally, the environment parameters, if any of those exist. Check the details here.
Environment
Parameters are case sensitive.
| Parameter | Description |
|---|---|
| PORT: 8880 | HTTP(S) port for the Domino REST API service. |
| METRICSPORT: 8890 | Endpoint for Prometheus Metrics. |
| JwtDuration | Lifetime in seconds for the internal JWT provider. Default value is 2 hours. |
| maxJwtDuration | Maximum lifetime in seconds that the JWT tokens get accepted. Default value is 24 hours. |
| TLSFile | TLS file with key for jks, pem or pfx. |
| TLSPassword | Password for jks and pfx key file. |
| HEALTHCHECK_USER | Username for accessing Health check (Port 8886) |
| HEALTHCHECK_PASSWORD | Password for accessing Health check (Port 8886) |
JSON Parameters
The detailed overview can be found here. A sample on how to use it for hardening a production environment can be found here. An explanation on how it actually works can be found here.
Configuration retrieval
The current configuration can be retrieved, with sensitive information masked, on the management port such as https://keep.yourserver.io:8889/config.