Name	Communication Method	Description
host-name	Secure Agent Channel	The host name of the Process Engine server.
shutdown-port	Secure Agent Channel	Process Server Tomcat shutdown port.
key-alias	HTTPS	The identifier of the keystore record that contains security keys for HTTPS communication.
key-store	HTTPS	The path and file name of the key store file that Application Integration uses for HTTPS communication. When you install the Secure Agent, you can find the key store in the following default location: <Secure Agent installation directory>/apps/process-engine/conf/ae.keystore You can also enter a relative path. For example, if the current working directory is the Secure Agent installation directory, enter the following value to point to the ae.keystore file: ../conf/ae.keystore The file path can contain only forward slashes ( / ).
key-store-password	HTTPS	The key store password. Default is password .
trust-store	HTTPS	The path and file name of the trust store file that Application Integration uses for HTTPS communication. When you install the Secure Agent, you can find the trust store in the default location: <Secure Agent installation directory>/apps/process-engine/conf/ae.cacerts You can also enter a relative path. For example, if the current working directory is the Secure Agent installation directory, enter the following value to point to the ae.cacerts file: ../conf/ae.cacerts The file path can contain only forward slashes ( / ). If you want to import public certificates for service endpoint authentication, place them in the following location: <Secure Agent installation directory>/apps/process-engine/conf/certs
trust-store-password	HTTPS	The trust store password. Default is changeit . You can change the password.
ldap-enabled-realm	HTTP/HTTPS	Set this property to true if you want to use an LDAP provider for authentication. Use the LDAP provider as a centralized form of authentication when you have clustered Secure Agents.
ldap-properties	HTTP/HTTPS	The LDAP properties that you need to configure. Edit the existing properties to suit your LDAP provider. Your LDAP password does not appear on screen. The value of $(pe.ldap.password) is taken from the PE_LDAP_PASSWORD environment variable.
ssl-enabled-protocols	HTTPS	The TLS protocol to use. TLSv1.2 is the default protocol. You can add version TLSv1.3 for a faster TLS handshake and to use secure cipher methods. The TLSv1.3 protocol supports the following additional cipher suites for improved security: TLS_AES_128_GCM_SHA256 TLS_AES_256_GCM_SHA384 For more information about supported ciphers, see the Change in Cipher Suites for IDMC Knowledge article. The TLSv1.0 and TLSv1.1 protocols are no longer supported.
ephemeral-DH-key-size	HTTPS	The key length of the secure algorithm. Default is 2048 . Change this value only if you face compatibility issues.
use-secure-ciphers-only	HTTPS	Limits the set of ciphers used during a call to the endpoint to secure ciphers only. Default is true . Change this value to false only if you face compatibility issues.
fips-enabled	HTTPS	Set this property to true to enable the Federal Information Processing Standard (FIPS) mode on a Secure Agent. When you enable the FIPS mode, Windows uses the FIPS validated cryptographic algorithms. Default is false .

Name	Communication Method	Description
name	HTTP/HTTPS	The name of the Secure Agent group.
primary-node	HTTP/HTTPS	Set this property to true if you want the Secure Agent to be the master agent. When you select a master agent, you create a Secure Agent cluster. In a cluster, all Secure Agents share the postgreSQL database of the master Secure Agent.
load-balance-url	HTTP/HTTPS	The load balancer URL that you can use to invoke the process deployed to the Secure Agent. Applicable if you have a load balancer.

Name	Communication Method	Description
min-heap	Secure Agent Channel	The minimum heap memory that Process Server allocates to the Tomcat JVM.
max-heap	Secure Agent Channel	The maximum heap memory that Process Server allocates to the Tomcat JVM.
additional-properties	Secure Agent Channel	A custom system property that you can add to the Tomcat JVM set. For example, you can set the custom property -Dsun.net.inetaddr.ttl=60

Name	Communication Method	Description
http-port	HTTP	The HTTP port to which the Secure Agent sends data. The default port is 7080. You can leave this property empty to disable non-secure connections. After this configuration, when you invoke an Application Integration process using the HTTP endpoint URL, an error occurs. For more information about the construction of REST and SOAP endpoint URLs, see the Application Integration help.
http-maxThreads	HTTP	The maximum number of connections that Process Server creates with Application Integration over HTTP.
http-connectionTimeout	HTTP	The maximum time, in milliseconds, that Process Server waits for an HTTP connection to reply.
https-port	HTTPS	The HTTPS port to which the Secure Agent sends data. You must enter a value in this property for the Secure Agent to successfully establish a connection. The default port is 7443. For more information about the construction of REST and SOAP endpoint URLs, see the Application Integration help.
https-maxThreads	HTTPS	The maximum number of connections that Process Server creates with Application Integration over HTTPS.
https-connectionTimeout	HTTPS	The maximum time, in milliseconds, that Process Server waits for an HTTPS connection to reply.
secure-channel maxThreads	Secure Agent Channel	The maximum number of connections that Process Server creates with Application Integration .
secure-channel-connectionTimeout	Secure Agent Channel	The maximum time, in milliseconds, that Process Server waits for a connection to reply.

Name	Communication Method	Description
type	Secure Agent Channel	The database type that Process Server runs on. Do not change this setting. The Application Integration Secure Agent does not support other databases.
driver	Secure Agent Channel	The database driver that Process Server runs on. Do not change this setting. The Informatica Cloud Secure Agent does not support other databases.
URL	Secure Agent Channel	URL at which Process Server accesses the database. Do not change this setting. The Informatica Cloud Secure Agent does not support other databases.
maxActive	Secure Agent Channel	The maximum number of active connections allocated to the Process Server database at the same time.
maxIdle	Secure Agent Channel	The maximum number of connections that can remain idle at a time in the Process Server database. Process Server releases connections if the number of idle connections crosses this number.
maxWait	Secure Agent Channel	The maximum time that the Process Server database waits for a connection if none are available.
connection-properties	Secure Agent Channel	Key-value pairs of database connection properties. Some keys are available by default. Do not delete the default keys. However, you can change the values of these keys. You can add other key-value pairs. For example, you can add the following key-value pair: key: autoReconnect value: true

Name	Communication Method	Description
logUrl	Secure Agent Channel	The URL at which the Process Server accesses the logging data source to redirect the process logging data. Default is jdbc:postgresql://localhost:5432/activevos .
logMaxActive	Secure Agent Channel	The logs for the maximum number of active connections allocated to the Process Server database at the same time. Default is 50 .
logMaxIdle	Secure Agent Channel	The logs for the maximum number of connections that remained idle at a time in the Process Server database. Default is 5 .
logMaxWait	Secure Agent Channel	The logs for the maximum time that the Process Server database waited for a connection if none was available. Default is 30000 .
logConnection-properties	Secure Agent Channel	The key-value pairs of the logging database connection properties. The following keys are available by default: - key: timeBetweenEvictionRunsMillis value: 300000 - key: testOnBorrow value: true - key: testWhileIdle value: true Do not delete the default keys. However, you can change the values of these keys. You can add other key-value pairs. For example, you can add the following key-value pair: - key: autoReconnect value: true

Name	Communication Method	Description
org_apache_catalina_core_ContainerBase_Catalina_localhost_level	Secure Agent Channel	The level of logging in the localhost.log file when you host Tomcat on a virtual machine. Default is INFO .
org_apache_catalina_core_ContainerBase_Catalina_localhost_manager_level	Secure Agent Channel	The level of logging in the manager.log file when you host Tomcat on a virtual machine. Default is INFO .
org_apache_catalina_core_ContainerBase_Catalina_localhost_host-manager_level	Secure Agent Channel	The level of logging in the host-manager.log file when you host Tomcat on a virtual machine. Default is INFO .
log4j2_root_level	Secure Agent Channel	The logging level of the ROOT logger. Default is INFO .
additional-logging	Secure Agent Channel	The name-level of logging pair for a specific class. Default is: - name: org.apache.camel.component.file.remote.SftpOperations level: ERROR

Name	Type	Description
https-clientAuth	connectors	Set this property to true to enable mutual authentication after upgrading the Process Server. For more information about configuring this property, see Enabling mutual authentication for Process Server.
replication_upgrade	db	Set this property to true to enable the replication upgrade of the PostgreSQL database for a Secure Agent. For more information about configuring this property, see Upgrade the Process Server with the latest package.
ssl-implementation	server	Set this property to override the class name of the ssl implementation to be used in Tomcat. Default is org.apach.tomcat.util.net.jsse.JSSEImplementation .