Skip to main content

Connect Quorum Key Manager

Codefi Orchestrate uses Quorum Key Manager (QKM) as a key management service. Use the following environment variables to configure QKM when starting the Orchestrate Transaction Sender and Orchestrate Gateway.

tip

Configure each microservice using microservice-specific environment variables. Command line options are also available and take precedence over environment variables.

Configuration

Environment variableCommand line optionDescription
KEY_MANAGER_URLkey-manager-urlURL of Quorum Key Manager
KEY_MANAGER_METRICS_URLkey-manager-metrics-urlURL of Quorum Key Manager metrics

Authentication

You can configure authentication using the following environment variables.

Environment variableCommand line optionDescription
KEY_MANAGER_API_KEYkey-manager-api-keyAPI key of the HTTP authentication
KEY_MANAGER_CLIENT_TLS_CERTkey-manager-client-tls-certPath to the TLS authentication certificate file
KEY_MANAGER_CLIENT_TLS_KEYkey-manager-client-tls-keyPath to the TLS authentication key file
KEY_MANAGER_TLS_SKIP_VERIFYkey-manager-tls-skip-verifySet to true to skip TLS authentication verification

If user credentials, such as JWTs, are provided, Orchestrate forwards them to Quorum Key Manager.

Ethereum Store

Environment variableCommand line optionDescription
KEY_MANAGER_STORE_NAMEkey-manager-store-nameQuorum Key Manager Store