Settings and documentation com.l7tech in system.properties

book

Article ID: 77089

calendar_today

Updated On:

Products

CA API Gateway (Layer 7) SA94 to API SECURITY STARTER PACK-7 CA Rapid App Security MOBILE API GATEWAY CA Mobile - API Gateway CA API Gateway

Issue/Introduction



In the system.properties file you can set several com.l7tech.* properties. 
User is looking for which com l7tech properties are available with description and default value. 
Second the supplied values for these properties can be constrained by built-in limits.

#com.l7tech.service.metrics.enabled=true 
#com.l7tech.service.metrics.maxFineAge=3600000 
#com.l7tech.service.metrics.maxHourlyAge=604800000 
#com.l7tech.service.metrics.maxDailyAge=31536000000 

#com.l7tech.security.sslj.sharedSessionCache.enable=true 
#com.l7tech.security.sslj.sessionCache.maxEntries=2500 
#com.l7tech.server.perAssertionTlsSessionCacheSize=2000 

Third how are these properties propagated between the gateway releases.
If a property is needed in 8.1 and my system is upgraded to 9.2,  does the user still need this property or is the property now a system default or fixed? 

Environment

env: 9.3

Resolution

The following parameters are mainly used for service metrics collections.
#com.l7tech.service.metrics.enabled=true 
#com.l7tech.service.metrics.maxFineAge=3600000 
#com.l7tech.service.metrics.maxHourlyAge=604800000 
#com.l7tech.service.metrics.maxDailyAge=31536000000 

The data in `service_metrics` is being used by the Policy Manager’s dashboard.   
It is possible to stop the service metrics altogether by using the Cluster-Wide Property "serviceMetrics.enabled". 
These parameters can be used in adhoc basis in 9.x as required. 

Prior to 9.2 we used RSA as default crypto provider to run GW in both FIPS/non FIPS mode, from 9.2 we are using ccj as default crypto provider. 
If the user wants to use RSA as crypto provider then user can continue using below two system properties 
#com.l7tech.security.sslj.sharedSessionCache.enable=true 
#com.l7tech.security.sslj.sessionCache.maxEntries=2500 

and third property #com.l7tech.server.perAssertionTlsSessionCacheSize=2000 is nowhere used in 9.2 and 9.3 version