60 lines
1.9 KiB
Plaintext
60 lines
1.9 KiB
Plaintext
emqx_psk_schema {
|
||
|
||
psk_authentication {
|
||
desc {
|
||
en: """PSK stands for 'Pre-Shared Keys'.
|
||
This config to enable TLS-PSK authentication.
|
||
|
||
Important! Make sure the SSL listener with only `tlsv1.2` enabled, and also PSK cipher suites
|
||
configured, such as `RSA-PSK-AES256-GCM-SHA384`.
|
||
|
||
See listener SSL options config for more details.
|
||
|
||
The IDs and secrets can be provided from a file which is configurable by the `init_file` field.
|
||
"""
|
||
zh: """此配置用于启用 TLS-PSK 身份验证。
|
||
|
||
PSK 是 “Pre-Shared-Keys” 的缩写。
|
||
|
||
注意: 确保 SSL 监听器仅启用了 'tlsv1.2', 并且配置了PSK 密码套件,例如 'RSA-PSK-AES256-GCM-SHA384'。
|
||
|
||
可以通过查看监听器中的 SSL 选项,了解更多详细信息。
|
||
|
||
可以通过配置 'init_file' 来设置初始化的 ID 和 密钥"""
|
||
}
|
||
}
|
||
|
||
enable {
|
||
desc {
|
||
en: "Whether to enable TLS PSK support"
|
||
zh: "是否开启 TLS PSK 支持"
|
||
}
|
||
}
|
||
|
||
init_file {
|
||
desc {
|
||
en: """If init_file is specified, EMQX will import PSKs from the file into the built-in database at startup for use by the runtime.
|
||
The file has to be structured line-by-line, each line must be in the format of `PSKIdentity:SharedSecret`.
|
||
For example: `mydevice1:c2VjcmV0`"""
|
||
zh: """如果设置了初始化文件,EMQX 将在启动时从初始化文件中导入 PSK 信息到内建数据库中。
|
||
这个文件需要按行进行组织,每一行必须遵守如下格式: `PSKIdentity:SharedSecret`
|
||
例如: `mydevice1:c2VjcmV0`"""
|
||
}
|
||
}
|
||
|
||
separator {
|
||
desc {
|
||
en: "The separator between 'PSKIdentity' and 'SharedSecret' in the PSK file"
|
||
zh: "PSK 文件中 'PSKIdentity' 和 'SharedSecret' 之间的分隔符"
|
||
}
|
||
}
|
||
|
||
chunk_size {
|
||
desc {
|
||
en: "The size of each chunk used to import to the built-in database from PSK file"
|
||
zh: "将 PSK 文件导入到内建数据时每个块的大小"
|
||
}
|
||
}
|
||
|
||
}
|