Environment Variables Configuration - mitre/emasser GitHub Wiki

Environment Variable

All settings are contained within the .env configuration file located at the root directory of the project. A .env-example file is provided for references.

If running eMASSer from a ruby gem (executable), place the .env file on the directory from which the command is executed and ensure that the the certificates paths point to the appropriate files.

If running eMASSer from a docker container, add the .env and the appropriate eMASS certificates (key.pem and client.pem) to the bind mount volume (path-to-secrets) and run the container:

OS Command
Windows docker run --rm -v %cd%/path-to-secrets:/data mitre/emasser:latest
Linux or Mac docker run --rm -v $PWD/path-to-secrets:/data mitre/emasser:latest

Configuration:

The environment variables contained in the .env belong to two categories; required or optional. Optional variables are given default values if not present.

Required:

  • EMASSER_API_KEY: The API key
  • EMASSER_USER_UID: The unique identifier of the eMASS user associated with EMASSER_API_KEY_API_KEY
  • EMASSER_HOST_URL: The FQDN of the eMASS server
  • EMASSER_KEY_FILE_PATH: The eMASS key certificate (full path) in PEM format
  • EMASSER_CERT_FILE_PATH: The eMASS client certificate (full path) in PEM format
  • EMASSER_KEY_FILE_PASSWORD: The password for the key given in EMASSER_KEY_FILE_PATH

Optional

  • EMASSER_CLIENT_SIDE_VALIDATION: Use client side validation (true or false) - default true
  • EMASSER_VERIFY_SSL=<verify SSL: Use SSL validation (true or false) - default true
  • EMASSER_VERIFY_SSL_HOST: Use host SSL validation (true or false) - default true
  • EMASSER_DEBUGGING: Turn debugging on/off (true or false) - default false
  • EMASSER_CLI_DISPLAY_NULL: Display null value fields (true or false) - default true
  • EMASSER_EPOCH_TO_DATETIME: Convert epoch to data/time value (true or false) - default false

Notes:

  • EMASSER_API_KEY The API key is obtain by invoking the emasser post register cert endpoint command
  • EMASSER_USER_UID For DoD users this is the DoD ID Number (EIDIPI) on their DoD CAC.