Key/Value Pairs in local-appsettings.config
The local-appsettings.config file contains configuration key/value pairs, CMS 10.6 SSH replication and CMS Asset SFTP access cipher suites, and CMS 10.6 asset text search index settings. While you may see various settings defined in local-appsettings.config, this topic focuses on settings that enable/disable features and functionality specific to the CMS experience.
This topic includes:
Key/Value Pairs
local-appsettings.config key\value pairs include:
| Key Name | Value | Description |
|---|---|---|
| userdomain | Default value: Empty string Example value: ingeniux | This value sets a default domain for CMS environments authenticating against a domain. If the Domain Controller option is selected during the Select User Provider Type step of the CMS installation process, the domain specified during setup populates the userdomain value field. See step 10 in Creating CMS Site Instances for details. |
| tempImageTimeOut | Default value: 30 | This value represents the maximum number of seconds to write a temporary image file to disk after a user edits an image in the CMS before a timeout occurs. If a timeout occurs when writing an image file to disk, the operation stops. |
| redirectToHttpAboutLogin | Default value: true | This setting is for https only. If set to true, redirect to http. If set to false, stays as https, |
| includeErrorStackTrace | Default value: false | If set to true, the stack trace for errors in the CMS displays via a pop-up alert in the UI. The CMS always logs the stack trace, regardless of whether the includeErrorStacktrace value is true or false. This setting is used for internal development only. |
| ravenIndexDocumentDifferenceLimit | Default value: 2000 | The system checks and compares the configured value to 10 percent of the total document size in RavenDB's ContentStore. The system chooses the smaller of the two numbers and uses this number to determine if the index is out-of-sync. If this number is larger, the system resets the index. If the RavenDB Index resets, a warning-level entry is written to the CMS logs. Example CMS Log Entry: [WARN] [2019-04-17 13:56:36.3122] - Raven System Index detected incomplete. Resetting. Index count: 420196, Doc Count: 415099 The CSAPI logs always show a check occurring and warn if the document difference limit condition is met to trigger a re-indexing event. The re-indexing event only occurs if the performRavenIndexSanityCheckOnStartup configuration value is set to true (see table row). |
| performRavenIndexSanityCheckOnStartup | Default value: false | This value determines if RavenDB indexes reset if the document difference limit is met. If set to true and the ravenIndexDocumentDifferenceLimit condition is met, a re-indexing event occurs. |
| syncIndexDefinitionsOnContentStoreInit | Default value: false | RavenDB index definitions are only checked and updated during the CMS upgrade process. If an external application that uses the RavenDB ContentStore creates a custom index for the CMS, this index regenerates during an upgrade event. If set to true, all index definitions for RavenDB are pushed when the application pool is restarted. |
| Raven/Encryption/FIPS | Default value: true | Raven Client Settings |
| showUtilityTree | Default value: true | If set to true, shows Site Tree and Assets Tree utility buttons. |
| siteStatusDialogDelay | Default value: 20000 | This setting delays (in milliseconds) during a long operation before displaying the Site Status dialog. |
| EnableIngeniuxSFTPServer | Default value: false | This setting controls whether or not to enable the SFTP server for Ingeniux Assets. Note The port and private
key are controlled by IgxSftpSettings/1 document in the database. |
| DisableRavenClientCache | Default value: false | If set to true, this setting reduces the memory footprint for the CMS application pool. Troubleshooting Customers who monitor their CMS server environments may notice
high memory usage for the CMS application pool. |
| AliasAutoUpdate | Default value: true | Version Notes: CMS 10.6 This setting
is exclusive to CMS 10.6. This setting determines the update behavior when aliased DITA content contains new checked-in changes. If true, the alias auto-update behavior becomes enabled. If false, the system requires users to manually update aliases. See DITA Publishing Architecture in Ingeniux CMS for details about the CMS 10.6 DITA publishing pipeline. See Alias and DITA Content Updates for details about the DITA alias update feature. |
| DITAProcessingParallelism | Default value: 1 | Version Notes: CMS 10.6 This setting
is exclusive to CMS 10.6. By default, CMS DITA-OT processing is sequential. This setting enables parallel DITA-OT processing and determines the maximum number of parallel processes the CMS will allow at once. When publishing multiple maps, parallel processing can help to reduce publishing times, particularly for large maps with DITA dependencies that overlap with other maps. Note 4 is the maximum value of parallel processes that the CMS
will support. |
| OAuth/AccessExpiration | Example value: 00:20:00 | Version Notes: CMS 10.6 This setting
is exclusive to CMS 10.6. This setting determines when the OAuth access tokens expire. For example, if the value is 00:20:00, then the tokens remain valid for 20 minutes. The tokens expire after that time frame ends. |
| OAuth/RefreshAdditionalExpiration | Example value: 01:30:00 | Version Notes: CMS 10.6 This setting
is exclusive to CMS 10.6. This setting determines when the OAuth refresh token expires. For example, if the value is 01:30:00, then the fresh token remains valid for an hour and 30 minutes. The token expires after that time frame ends. |
CMS 10.6 Asset Text Search Settings
CMS 10.6 provides asset text search functionality. After configuration, users can access the utility bar search feature to run text queries on text-based assets (XML, HTML, markdown, etc.).
The asset text search feature requires system administrators to configure the asset content indexing settings in local-appsettings.config. Use the following key/value pairs to configure settings for asset text search.
| Key Name | Value | Description |
|---|---|---|
| AssetContentIndexing_Enabled | Default value: false | If false, asset text search indexing becomes
disabled. If true, asset text search indexing becomes enabled. This setting is required for users to run asset text searches. |
| AssetContentIndexing_InitialIndexingProcessorsCount | Default value: 0 Example value: 2 | Choose the number of processors that
will index the asset text content on the server. If set to the default value 0, half of the processors index the asset text. If set to a positive number, then the system specifies the exact number of processors to index the asset text based. For example, if set to 2, then two processors index the asset text. |
| AssetContentIndexing_SideBySideDisabled | Default value: true | Similar to InSite Search, the asset
text search feature supports side-by-side indexing. If true, side-by-side indexing becomes disabled. If false, side-by-side indexing becomes enabled. Caution We recommend disabling this setting for large sites with thousands of assets.
Side-by-side indexing will result in an extensive asset text index. |
| AssetContentIndexing_OptimizationPeriod | Default value: 14 | This setting determines the
scheduling cycle (in days) for search performance optimization. For example, if set to 14, the process occurs every 14 days (i.e., two weeks). This process optimizes search performance speed by periodically consolidating indexing from multiple files into a single file. |
| AssetContentIndexing_SbsMaxReaderFailureCount | Default value: 15 | This setting correlates with AssetContentIndexing_SideBySideDisabled. The value sets the maximum reader failure count for side-by-side indexing. When the asset text search index exceeds the maximum reader failure count, side-by-side indexing no longer occurs. |
| AssetContentIndexing_SbsIndexingSideLimitMB | Default value: 500 | This setting correlates with AssetContentIndexing_SideBySideDisabled. The value sets the maximum capacity (in MB) for side-by-side indexing. When the asset text search index exceeds maximum capacity, side-by-side indexing no longer occurs. |
| AssetContentSearch_FragSize | Default value: 200 | This setting determines the
fragmentation size of the highlighted text, where the text displays in its surrounding
context via the returned search results. If CMS users search with frags, the system executes fragmentation via direct API calls. If users search without explicitly requesting frags, the system ignores this setting and does not generate frags. Caution Fragmentation slows search performance by
at least 60 percent due to high memory usage. |
CMS 10.6 SSH Replication and CMS Asset SFTP Access Cipher Suites
CMS 10.6 provides local-appsettings.config settings related to SSH replication cipher suites and to CMS Asset SFTP access cipher suites.
CMS 10.6 SSH Replication Cipher Suites
SSH Replication encryption settings include:
<!-- SFTP Encryption Settings, Id list semi-colon separated. see: https://www.rebex.net/sftp.net/features/ssh.aspx -->
<add key="SFTP/KeyExchangeCiphers" value="" />
<add key="SFTP/HostKeyAlgorithms" value="" />
<add key="SFTP/EncryptionCiphers" value="" />
<add key="SFTP/MACCiphers" value="" />See Rebex: SSH Core for details. Use semi-colons (;) to delimit values.
CMS 10.6 also provides the following code configuration to enable or disable Rebex FIPS compliance:
<add key="Replication/Encryption/FIPS" value="false" />By default, the configuration disables Rebex FIPS compliance.
The SSH replication settings require this configuration. Rebex FIPS ciphers only include CBC cipher sets, which most hardened environments disable due to vulnerabilities in CBC padding attacks.
CMS 10.6 Asset SFTP Access Cipher Suites
Asset SFTP access encryption settings include:
<!-- SFTP Encryption Settings for Assets, Id list semi-colon separated. see: https://www.rebex.net/sftp.net/features/ssh.aspx#ciphers -->
<add key="Assets/SFTP/KeyExchangeCiphers" value="" />
<add key="Assets/SFTP/HostKeyAlgorithms" value="" />
<add key="Assets/SFTP/EncryptionCiphers" value="" />
<add key="Assets/SFTP/MACCiphers" value="" /> See the tables in Rebex: SSH Ciphers for details about Key Exchange, Host Key, Encryption, and MAC ciphers. Use semi-colons (;) to delimit values.
The following example demonstrates a Key Exchange cipher setting that uses a specific suite set:
<add key="Assets/SFTP/KeyExchangeCiphers" value="diffie-hellman-group16-sha512;diffie-hellman-group14-sha256" />