Sample BDT Config File
{
"inputDirectory": "C:\\samples\\resources", /* The path to the directory in which the input file or database is placed. */
"outputDirectory": "C:\\samples\\resources\\temp", /* The path to the directory in which the output file or database needs to be placed. */
"threadCount": 4, /* Maximum number of running threads to transform file. */
"batchSize": 1000, /* Number of records processed in batch. */
"vts": {
"hostName": "<ip address>", /* Hostname of a machine where tokenization server is running. */
"userName": "webadmin", /* The CT-VL username. */
"password": "", /* The CT-VL password. Do not put plaintext here, use "bdt -e" option to put encrypted value here. */
"tokenUrl": "https://<ip address>/vts/rest/v2.0/tokenize", /* The CT-VL tokenize REST URL. */
"detokenUrl": "https://<ip address>/vts/rest/v2.0/detokenize", /* The CT-VL detokenize REST URL. */
"ssl" : {
"server": { /* SSL configuration for server. */
"sslmode": "DEFAULT", /* SSL mode (DEFAULT, ALLOW_ALL - allow everything, SPECIFY_SSL_CERT - communicate if server certificate exists in the specified truststore). */
"verifyHostname": true, /* Whether to do hostname verfication */
"truststore": "", /* Truststore file path, truststore should have server certificate. Applicable only for SPECIFY_SSL_CERT mode. */
"password": "" /* Truststore file password. Applicable only for SPECIFY_SSL_CERT mode. */
},
"client": { /* SSL configuration for client. */
"sslmode": "DEFAULT", /* SSL mode (DEFAULT/ALLOW_ALL - do not send client authentication, SPECIFY_SSL_CERT - send client authentication certificate in the specified keystore). */
"keystore": "", /* Keystore file path. Keystore should have client key and certificate. */
"storepassword": "", /* Keystore file password. */
"keypassword": "" /* Key file password, usually same as keystore password. */
}
}
}
"crypto": { /* Settings for the cryptographic provider used in this BDT configuration. */
"@type":"jce", /* Two types of cryptographic providers - one is default jce (CADP-JCE) and other is vae. */
"username":"nameofuser", /* The name of user who owns the key. If user is in a specific domain, use domain||username format. For example, thales||joe, where thales is the domain and joe is username. */
"password":"" /* Password for the user. */
}
"dataProtectionConfig": { /* Contains credential information which will be used to get centralized policy. */
"@type": "user_certificate", /* BDT supports two login methods - password and user_certificate. */
"hostName": "", /* Hostname of key manager. */
"serverConfig": { /* Used only when @type value is user_certificate. */
"truststore": "", /* Truststore file path, truststore should have server certificate. */
"password": "", /* Truststore file password. */
"verifyHostname": "true" /* Set to "true" to enable hostname verification for SSL communication, and "false" to disable hostname verification. */
},
"clientConfig": { /* Used only when @type value is user_certificate. */
"keystore": "", /* Keystore file path of the client. */
"storePassword": "", /* Keystore file password of the client. */
"keyPassword": "" /* Key file password, usually same as keystore password. */
}
},
"characterSets":[ /* Contains configurable list of charset names and their range. */
{
"latin":["0020-007E"] /* Latin character sets. */
},
{
"digits":["0030-0039"] /* Digits character sets. */
},
{
"alphabets":["0041-005A","0061-007A"] /* Alphabets character sets. */
},
{
"alphanumeric":["0030-0039", "0041-005A", "0061-007A"] /* Alphanumeric character sets. */
}
]
}{
"inputDirectory": "C:\\samples\\resources", /* The path to the directory in which the input file or database is placed. */
"outputDirectory": "C:\\samples\\resources\\temp", /* The path to the directory in which the output file or database needs to be placed. */
"threadCount": 4, /* Maximum number of running threads to transform file. */
"batchSize": 1000, /* Number of records processed in batch. */
"crypto": { /* Settings for the cryptographic provider used in this BDT configuration. */
"@type":"jce", /* Two types of cryptographic providers - one is default jce (CADP-JCE) and other is vae. */
"username":"nameofuser", /* The name of user who owns the key. If user is in a specific domain, use domain||username format. For example, thales||joe, where thales is the domain and joe is username. */
"password":"" /* Password for the user. */
}
"dataProtectionConfig": { /* Contains credential information which will be used to get centralized policy. */
"@type": "user_certificate", /* BDT supports two login methods - password and user_certificate. */
"hostName": "", /* Hostname of key manager. */
"serverConfig": { /* Used only when @type value is user_certificate. */
"truststore": "", /* Truststore file path, truststore should have server certificate. */
"password": "", /* Truststore file password. */
"verifyHostname": "true" /* Set to "true" to enable hostname verification for SSL communication, and "false" to disable hostname verification. */
},
"clientConfig": { /* Used only when @type value is user_certificate. */
"keystore": "", /* Keystore file path of the client. */
"storePassword": "", /* Keystore file password of the client. */
"keyPassword": "" /* Key file password, usually same as keystore password. */
}
},
"characterSets":[ /* Contains configurable list of charset names and their range. */
{
"latin":["0020-007E"] /* Latin character sets. */
},
{
"digits":["0030-0039"] /* Digits character sets. */
},
{
"alphabets":["0041-005A","0061-007A"] /* Alphabets character sets. */
},
{
"alphanumeric":["0030-0039", "0041-005A", "0061-007A"] /* Alphanumeric character sets. */
}
]
}{
"inputDirectory": "C:\\samples\\resources", /* The path to the directory in which the input file or database is placed. */
"outputDirectory": "C:\\samples\\resources\\temp", /* The path to the directory in which the output file or database needs to be placed. */
"threadCount": 4, /* Maximum number of running threads to transform file. */
"batchSize": 1000, /* Number of records processed in batch. */
"vts": {
"hostName": "<ip address>", /* Hostname of a machine where tokenization server is running. */
"userName": "webadmin", /* The CT-VL username. */
"password": "", /* The CT-VL password. Do not put plaintext here, use "bdt -e" option to put encrypted value here. */
"tokenUrl": "https://<ip address>/vts/rest/v2.0/tokenize", /* The CT-VL tokenize REST URL. */
"detokenUrl": "https://<ip address>/vts/rest/v2.0/detokenize", /* The CT-VL detokenize REST URL. */
"ssl" : {
"server": { /* SSL configuration for server. */
"sslmode": "DEFAULT", /* SSL mode (DEFAULT, ALLOW_ALL - allow everything, SPECIFY_SSL_CERT - communicate if server certificate exists in the specified truststore). */
"verifyHostname": true, /* Whether to do hostname verfication */
"truststore": "", /* Truststore file path, truststore should have server certificate. Applicable only for SPECIFY_SSL_CERT mode. */
"password": "" /* Truststore file password. Applicable only for SPECIFY_SSL_CERT mode. */
},
"client": { /* SSL configuration for client. */
"sslmode": "DEFAULT", /* SSL mode (DEFAULT/ALLOW_ALL - do not send client authentication, SPECIFY_SSL_CERT - send client authentication certificate in the specified keystore). */
"keystore": "", /* Keystore file path. Keystore should have client key and certificate. */
"storepassword": "", /* Keystore file password. */
"keypassword": "" /* Key file password, usually same as keystore password. */
}
}
}
"dataProtectionConfig": { /* Contains credential information which will be used to get centralized policy. */
"@type": "user_certificate", /* BDT supports two login methods - password and user_certificate. */
"hostName": "", /* Hostname of key manager. */
"serverConfig": { /* Used only when @type value is user_certificate. */
"truststore": "", /* Truststore file path, truststore should have server certificate. */
"password": "", /* Truststore file password. */
"verifyHostname": "true" /* Set to "true" to enable hostname verification for SSL communication, and "false" to disable hostname verification. */
},
"clientConfig": { /* Used only when @type value is user_certificate. */
"keystore": "", /* Keystore file path of the client. */
"storePassword": "", /* Keystore file password of the client. */
"keyPassword": "" /* Key file password, usually same as keystore password. */
}
}
}
