In the configuration parameter list, two configuration settings used an array of records as a data type:
-
config.client_jwk
: Array of JWK records (one for each client) -
config.session_redis_cluster_nodes
: Array of host records, either as IP addresses or hostnames, and their ports.
JWK record
The JSON Web Key (JWK) record is specified in RFC7517.
This record is used with the config.client_jwk
when using private_key_jwk
client authentication.
Here is an example of a JWK record generated by the plugin itself (see JSON Web Key Set):
{
"kid": "B2FxBJ8G_e61tnZEfaYpaMLjswjNO3dbVEQhR7-i_9s",
"kty": "RSA",
"alg": "RS256",
"use": "sig",
"e": "AQAB",
"n": "…",
"d": "…",
"p": "…",
"q": "…",
"dp": "…",
"dq": "…",
"qi": "…"
}
The JWK private fields (k
, d
, p
, q
, dp
, dq
, qi
, oth
, r
, t
) are referenceable,
which means they can be securely stored as a
secret
in a vault. References must follow a specific format.
Host record
The Host record used with the config.session_redis_cluster_nodes
is simple.
It contains ip
or host
, and the port
where the port
defaults to 6379
.
Here is an example of a Host record:
{
"ip": "127.0.0.1"
"port": 6379
}