client.conf¶
Description¶
System configuration of NDN platform is specified in client.conf.
The configuration file client.conf is looked up in several directories in the following order:
$HOME/.ndn: user-specific settingsSYSCONFDIR/ndn: system-wide settings (whereSYSCONFDIRcan be/usr/local/etc,/opt/local/etc, or other, depending on how the library is configured)/etc/ndn: default system-wide settings
Here is an example of client.conf for the current ndn-cxx package:
; "transport" specifies the default transport connection used by the client-side face to communicate
; with a (local or remote) NDN forwarder. The value must be a Face URI with a Unix or TCP scheme.
;
; For example:
; unix:///tmp/nfd/nfd.sock
; tcp://192.0.2.1
; tcp4://example.com:6363
; tcp6://[2001:db8::1]:6363
;
; The default value of this field is platform-dependent, being "unix:///run/nfd/nfd.sock" on Linux
; and "unix:///var/run/nfd/nfd.sock" on other platforms.
;
;transport=unix:///var/run/nfd/nfd.sock
; "pib" determines which Public Information Base (PIB) should used by default in applications.
; Currently, the only supported value for "pib" is:
; - "pib-sqlite3" (default if not specified)
;
;pib=pib-sqlite3
; "tpm" determines which Trusted Platform Module (TPM) should used by default in applications.
; The supported values for "tpm" are:
; - "tpm-file" (default if not specified)
; - "tpm-osxkeychain"
;
;tpm=tpm-file
Forwarder¶
- transport
FaceUri for default connection toward local or remote NDN forwarder. Only
unix,tcp,tcp4, andtcp6FaceUris are accepted.By default,
unix:///run/nfd/nfd.sockis used on Linux andunix:///var/run/nfd/nfd.sockis used on other platforms.Note
This value can be overridden using the
NDN_CLIENT_TRANSPORTenvironment variable.
Key Management¶
- pib
The public key information for each private key stored in TPM. The format for this setting is:
pib=[scheme]:[location]
Possible values for
[scheme]are:pib-sqlite3: local PIB implementation using the SQLite3 storage engine. This is the default.Possible values for
[location]:absolute path where the SQLite3 database will be stored
relative path (relative to
client.conf)empty: the default path
$HOME/.ndnwill be used
When
[location]is empty, the trailing:can be omitted. For example:pib=pib-sqlite3
Changing PIB scheme without changing location is not allowed. If a change like this is necessary, the whole backend storage must be destroyed. For example, when the default location is used:
rm -rf ~/.ndn/ndnsec-*
It is not recommended to share the same directory between machines, e.g. via NFS. Simultaneous access from multiple machines may cause errors.
Note
This value can be overridden using the
NDN_CLIENT_PIBenvironment variable.- tpm
Trusted Platform Module (TPM) where the private keys are stored. The format for this setting is:
tpm=[scheme]:[location]
Possible values for
[scheme]are:tpm-osxkeychain: secure storage of private keys in the macOS Keychain with OS-provided access restrictions.The
[location]parameter is ignored.May not work for daemon applications, as user interaction may be required to access the macOS Keychain.
tpm-file: file-based storage of private keys. This is the default.Possible values for
[location]:absolute path to directory that will store private/public key files (unencrypted with
0700permission)relative path (relative to
client.conf)empty: the default path
$HOME/.ndn/ndnsec-key-filewill be used
When
[location]is empty, the trailing:can be omitted. For example:tpm=tpm-file
Changing the ``tpm`` setting is only possible together with ``pib`` setting. Otherwise, an error will be generated during PIB/TPM access.
It is not recommended to share the same directory between machines, e.g. via NFS. Simultaneous access from multiple machines may cause errors.
Note
This value can be overridden using the
NDN_CLIENT_TPMenvironment variable.