This repository has been archived by the owner on Jan 7, 2022. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathexec-mobileid.properties.sample
executable file
·46 lines (37 loc) · 2.41 KB
/
exec-mobileid.properties.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
# Application Provider's Credentials
AP_ID=mid://dev.swisscom.ch # AP_ID used to identify to Mobile ID (provided by Swisscom)
AP_PWD=disabled # AP Password is ignored. You can set any value here.
# Client Authentication (TLS/SSL)
CERT_FILE=/opt/freeradius/certs/mycert.crt # Client certificate for the TLS/SSL authentication
CERT_KEY=/opt/freeradius/certs/mycert.key # Client private key file that is related to the client certificate
# Truststore / Root CA files
CERT_CA_MID=$PWD/certs/mobileid-ca-signature.crt # Root CA and intermediate CA certificates for the Mobile ID Signature validation
CERT_CA_SSL=$PWD/certs/mobileid-ca-ssl.crt # Root CA certificate for the TLS/SSL server certificate validation
# Service identification
AP_PREFIX="myserver.com" # AP prefix that will be added to the message sent to the mobile
# Additional cURL options (refer to 'man curl' pages for further details)
# --insecure
# This option explicitly allows curl to perform "insecure" SSL connections. Server certificate is not validated!
# This may be helpful if you experience TLS/SSL issues. It is not recommended for later production use.
# --capath none
# Tells curl to use the specified certificate directory to verify the peer.
# Using '--capath none' can allow OpenSSL-powered curl to make SSL-connections much more efficiently.
# However, this option may cause problems on some curl version, in case NSS library is used.
# --silent
# Don't show progress meter or error messages. Makes Curl mute. It will still output the data you ask for
#
CURL_OPTIONS="--insecure --silent"
# Default language if not set
DEFAULT_LANGUAGE=en
# Unique Mobile ID (SN of DN) verification
# ifset: the verification will only be done if a value has been provided to the module
# required: the verification is mandatory and a value must be provided to the module
# ignore: there will be no verification done
UNIQUEID_CHECK=ifset
# Optional Geofencing: List of allowed Mobile Country Codes, refer to http://www.mcc-mnc.com
# ALLOWED_MCC="228,295" # Allows from Switzerland and Lichtenstein
# Logging (Silent=0, Info=1, Error=2, Debug=3)
VERBOSITY=2
# Mobile ID Endpoint (base URL with no path)
BASE_URL=https://mobileid.swisscom.com
#BASE_URL=https://195.65.233.222 # Use this IP if you connect over LAN-I connectivity