### Logging
logging:
  level:
    root: WARN
    org.springframework: WARN
    at.gv: INFO #DEBUG
    iaik: INFO #DEBUG
    at.gv.egiz.moazs.backend:
      SignatureVerifier: DEBUG
      LogResponseSink: INFO

# Default type for java's ssl key/trust store
javax.net.ssl:
  keyStoreType: jks
  trustStoreType: jks

# Configure parameters here or in DeliveryRequest/Config.
# Choose a profile in DeliveryRequest/Config/ProfileId.
# If a parameter is missing, moa zs falls back to "default"
# Order: DeliveryRequest/Config > [chosen-profile] > default
delivery-request-configuration-profiles:
  default:
    perform-query-person-request: false
    msg-client:
      url: http://localhost:8081/services/DeliveryRequest
      # Time in ms after which a connection will be closed.
      # 0 means indefinitely.
      connection-timeout: 0
      # Time in ms that the client waits after having sent the request.
      # 0 means indefinitely.
      receive-timeout: 0

    # Specifies how MoaZS should a synchronous responses from msg.
    msg-response-sinks:
      save-response-to-file:
        active: false
        path: /msg-responses/
      log-response: true
      forward-response-to-service:
        active: false
        mzs-client:
          # TODO: ensure that only one url is needed to
          # sent DeliveryRequestStatus / DeliveryNotifications
          url: http://service.which.implements.mzs2app.wsdl/services/
          # connection-timeout
          # receive-timeout
          # ssl...

  ssl-profile:
    msg-client:
      url: https://localhost/zusemsg/services/DeliveryRequest
      ssl:
        ## Boolean; if true, app will trust all server certificates;
        ## if false, server certificate needs to be in truststore.
        trust-all: false
        ## Boolean; if true, app ignores mismatches between server's host name and
        ## Certificate's common name / alternative subject name.
        lax-hostname-verification: false
        ## Parameters for ssl client auth
        keystore:
          ## Path to file
          filename: ssl/client.cert.key.p12
          ## Password to unlock key store.
          password: 123456
          ## JKS or PKCS12
          type: PKCS12

# If set to false, moa zs ignores an incomplete default DeliveryRequest-configuration
# profile and continues startup. See 'delivery-request-configuration-profiles'.
# Default value: true
verify-completeness-of-default-delivery-request-configuration: true

### moa spss config
moa.spss:
  is-active: true
  # if active, moa spss will validate manifests in xml signatures
  is-manifest-check-active: false
  server:
    # path that points to MoaSPSSConfiguration file; can be:
    # - absolute path (unix: starts with /), or
    # - relative path (otherwise, relative to application's class path)
    configuration: moa-spss/MOASPSSConfiguration.xml
    default-trustprofile: test-trustprofile

spring:
  redis:
    host: 172.17.0.2
    port: 6379

repository:
  # duration in minutes before repository records are evicted.
  expiresAfterWrite: 30

## activate cluster mode
#  profiles:
#    active: cluster