PVWA Parameter File (Web.config)
The web.config file contains the configuration parameters for the PVWA Web application. During installation, the file is copied to the PVWA installation folder on the PVWA server, located in the Inetpub\wwwroot\PasswordVault folder.
Other than the web.config file, all the PVWA parameter files are configured in the PVWA interface. For more information, see Configure the system through PVWA.
|
All parameters must be specified without spaces. |
|
Parameter |
Description |
||
|---|---|---|---|
|
VaultFile |
The full path name of the Vault.ini file that contains the settings of the Password Vault (e.g. Address, Port, etc.). The IIS user must have read permissions for the file. Acceptable values: Full path name |
||
|
GWFile |
The full path name of the user credential file that contains the Agent Account Vault username and encrypted password. The IIS user must have both read and write permissions for the file in order to change the password of the Agent account. Acceptable values: Full path name |
||
|
HomePage |
The page that appears when a user clicks the CyberArk logo. Acceptable values: Page name |
||
|
CustomerLogoURL |
The URL that is displayed when the user clicks the customized logo. Acceptable values: URL |
||
|
ConfigurationCredentialFile |
The credentials file for the application user. Acceptable values: Full path name |
||
|
ConfigurationSafeName |
The name of the Safe where the application configuration files are stored. Acceptable values: Safe name |
||
|
LogFolder |
The full path name to a folder where the log files are stored. Acceptable values: Full path name |
||
|
ApplicationID |
Identifies the instance of the PVWA on the machine. Use when more than one instance is installed on the same machine. Type: String |
||
|
FullVersionEnabled |
Whether or not users can access the PVWA through the full version of the PVWA. Acceptable Values: Yes/No Default value: Yes |
||
|
MobileVersionEnabled |
Whether or not users can access the PVWA through the mobile version of the PVWA. Acceptable Values: Yes/No Default value: Yes |
||
|
RSADecodeUserName |
Whether or not to decode user names received from RSA authentication. For SecureID authentication through the PVWA, make sure this parameter is set to Yes. Acceptable Values: Yes/No Default value: Yes |
||
|
maxRequestLength |
The maximum size in KB of each request that is carried out by the PVWA. This includes the size of files that can be stored in the Vault and opened. Type: Number Default value: 10000 |
||
|
executionTimeout |
Specifies the number of seconds after which a request is automatically timed out.
Type: Number Default value: 90 |
||
|
AdvancedFIPSCryptography |
Enables advanced FIPS cryptography. Acceptable Values: Yes/No Default value: No |
||
|
maxJsonLength |
Specifies the length of the JSON request.
Type: Number |
||
|
PSMConnectionTimeout |
Specifies the number of seconds that the PSM will try to connect to a remote machine, after which the connection is automatically timed out. This parameter is optional.
Type: Number between 0-500 Default value: 60 |
||
|
LoadBalancerClientAddressHeader |
The HTTP Header field's name from which the PVWA should read the client IP. This parameter should be used when the PVWA is behind a load balancer. If the PVWA is behind a load balancer and this parameter is not used, or the specified value does not exist in the HTTP Header, the Vault will log incoming requests as if their source is the load balancer and not the real client IP. Acceptable Values: String |
||
| EnableThrottling |
Enables API throttling. Type: Yes/No Mandatory: No Default value: No |
||
| MaxCPUUsage |
The percentage of CPU usage required in order for throttling to take effect. Type: Integer between 1-100 Mandatory: no Default value: 90 |
||
| MaxRequestPerProcessor |
The maximum number of average requests per processor required in order for throttling to take effect. Type: Non-negative integer Mandatory: No Default value: 8 |
||
| NoOfSecondsBetweenSamples |
Number of seconds between each sample of system metrics. Type: Non-negative integer Mandatory: No Default value: 15 |
||
| MinNoOfFailedConsecutiveSamples |
Number of consecutive failed samples required in order for throttling to take effect. Type:Positive integer Mandatory: No Default value: 8 |
