+ # optional tls_ca_mode specifies where to find the cacert.pem for tls
+ # can be one of these:
+ # "cert_directory" - use the cacert.pem stored locally in cert_directory.
+ # this is the default if cacert.pem file is found
+ #
+ # "os_ca_bundle" - use the public ca_bundle provided by linux system.
+ # this is the default if cacert.pem file not found
+ #
+ # "do_not_verify" - special hack to turn off the verification by cacert and hostname
+ tls_ca_mode : "cert_directory"
+ # optional tls_wss_ca_mode specifies the same for the tls based web-socket
+ tls_wss_ca_mode : "cert_directory"
+ # optional timeout_in_secs specifies the timeout for the http requests
+ timeout_in_secs: 60
+ # optional ws_ping_interval_in_secs specifies the ping interval for the web-socket connection
+ ws_ping_interval_in_secs: 30
+ # deploy_handler config
+ # changed from string "deployment_handler" in 2.3.1 to structure in 2.4.0
+ deploy_handler :
+ # name of deployment-handler service used by policy-handler for logging
+ target_entity : "deployment_handler"
+ # url of the deployment-handler service for policy-handler to direct the policy-updates to
+ # - expecting dns to resolve the hostname deployment-handler to ip address
+ url : "https://deployment-handler:8443"
+ # limit the size of a single data segment for policy-update messages
+ # from policy-handler to deployment-handler in megabytes
+ max_msg_length_mb : 5
+ query :
+ # optionally specify the tenant name for the cloudify under deployment-handler
+ # if not specified the "default_tenant" is used by the deployment-handler
+ cfy_tenant_name : "default_tenant"
+ # optional tls_ca_mode specifies where to find the cacert.pem or skip tls verification
+ # can be one of these:
+ # "cert_directory" - use the cacert.pem stored locally in cert_directory.
+ # this is the default if cacert.pem file is found
+ #
+ # "os_ca_bundle" - use the public ca_bundle provided by linux system.
+ # this is the default if cacert.pem file not found
+ #
+ # "do_not_verify" - special hack to turn off the verification by cacert and hostname
+ tls_ca_mode : "cert_directory"
+ # optional timeout_in_secs specifies the timeout for the http requests
+ timeout_in_secs: 60