Gateway XML File Reference
note
This page talks about the gateway.xml file. If you are instead looking for information on the Gateway Configuration file, also called ignition.conf, click here.
This section details the various configuration changes that can be made to the gateway.xml file. Select networking properties, such as port configuration, Gateway SSL properties, and more will be covered here. Many of these settings can also be modified in the Gateway's Web Server settings.
Property Format​
The properties in the gateway.xml file follow the convention below:
| Format | Example |
|---|---|
<comment>Context Settings</comment> | <entry key="gateway.port">8088</entry> |
Configuration File Location​
The gateway.xml file can be found at:
%IgnitionInstallationDirectory%/data/gateway.xml
See the Installing and Upgrading Ignition page for default installation directories.
Gateway XML Properties​
The table below lists all the properties found in the gateway.xml file.
caution
Keep in mind that while these properties can be modified, most installations won't need to. If you are interested in changing these properties, please read through the descriptions thoroughly, and consult with our support department before proceeding.
| System Property | Description |
|---|---|
<entry key="gateway.publicAddress.httpPort"></entry> | The public facing HTTP port that Vision Clients and Perspective Sessions must use to connect, such as 80. No default value. |
<entry key="gateway.publicAddress.autoDetect"></entry> | Set this property to false to specify an explicit HTTP address that Vision Clients and Perspective Sessions will use. Most users will leave autodetect on. Default is true. |
<entry key="gateway.publicAddress.httpsPort"></entry> | The public facing HTTPS port that Vision Clients and Perspective Sessions must use to connect. If Force Secure Redirect is enabled, redirected connections will use this port. No default value. |
<entry key="gateway.forceSecureRedirect"></entry> | If both this property and SSL/TLS are enabled, all HTTP traffic will be redirected to its HTTPS counterpart. Default is false. |
<entry key="gateway.metroSSLPort"></entry> | The port to which Ignition will listen for incoming HTTPS traffic over the Gateway Area Network (GAN). Default is 8060. |
<entry key="gateway.includedCipherSuites"></entry> | Whitelist of included cipher suits for clients connecting to Ignition using SSL/TLS. Default is an empty array []. |
<entry key="localdb.autobackup.delay"></entry> | This setting determines how much of a delay there is in between backups of Ignition's config.idb file, in minutes. The backup file is generated in the %IgnitionInstallationDirectory%/data/db/autobackup folder. Default is 2. |
<entry key="context.startup.useautobackups"></entry> | Whether or not the Gateway will have automatic backups enabled. Default is true. |
<entry key="gateway.sslport"></entry> | The port to which Ignition will listen for incoming webserver HTTPS traffic, such as Designers, Vision Clients, Perspective sessions, and Gateway web configuration settings. Default is 8043. |
<entry key="context.props.version"></entry> | Identifies which version of the context properties the gateway.xml file uses. Default is 3. |
<entry key="gateway.port"></entry> | The port to which Ignition will listen for incoming HTTP traffic. Default is 8088. |
<entry key="gateway.useProxyForwardedHeader"></entry> | When enabled, the Gateway inspects each incoming HTTP request in search for headers that indicate it has been forwarded by one or more proxies. If these headers are present, then the request is updated so that the proxy is not seen as the other end point of the connection from which the request originated. Default is false. Warning: Enabling this setting when users can directly connect to the Gateway is a security risk. This setting is intended to be used in scenarios where untrusted users will not be able to bypass a trusted proxy that is responsible for setting the appropriate headers. For more information, see Use Proxy Forwarded Headers Explained. |
<entry key="localdb.autobackup.count"></entry> | The number of automatic Gateway backups that will be retained before old backups are overwritten. Default is 5. |
<entry key="gateway.maxThreads"></entry> | The maximum number of webserver threads that are allowed. Webserver threads are needed when communicating with the Gateway or if a subsystem does not have it's own thread pool. Some example subsystems that use webserver threads are:
300. |
<entry key="localdb.faultbackup.count"></entry> | The number of backups from Ignition's faulted config.idb file. Backups of faulted config.idb files will follow a naming convention containing faulted_ as a prefix. Default is 3. |
<entry key="data.dir"></entry> | The relative directory in which the data directory is stored at. Used when the web server parses information for web resources and settings outside of a Gateway context. This allows for the data directory to be used for both Gateways and commissioning. Modifying this property will require that files from the previous data folder are migrated to the new destination. Default is data\. |
<entry key="gateway.resolveHostNames"></entry> | When enabled, Ignition's web server will attempt to resolve the remote HTTP client's hostname by performing a reverse DNS lookup using the remote HTTP client's IP address where appropriate. Enabling this setting could have a performance impact as the Gateway may attempt an expensive hostname lookup when handling requests. When disabled, Ignition's web server will not attempt to resolve hostnames, and any queries for the remote HTTP client's hostname will result in their IP address instead. When enabling this setting, it is highly recommended that reverse DNS is configured to prevent host lookup failures. This includes configuring valid mappings from users' IP addresses to their hostnames, and from users' hostnames back to their IP addresses. If reverse DNS isn't configured, then DNS queries could block certain requests until the queries time out (default of 10 seconds). Default is false. |
<entry key="gateway.acceptCount"></entry> | Controls how many connections are allowed against the Gateway port, also known as the accept queue size or accept backlog. Default is 100. |
<entry key="gateway.excludedCipherSuites"></entry> | Blacklist of excluded cipher suits for clients connecting to Ignition using SSL/TLS. Takes precedence over allowed cipher suits. Default is an empty array []. |
<entry key="gateway.publicAddress.address"></entry> | The public facing address that Vision Clients and Perspective Sessions must use to connect, such as yourcompany.com. If Force Secure Redirect is enabled, redirected connections will use this address. No default value. |