# MIR Web Server Configuration

## Introduction

This manual describes the configuration of the server-side components of the application *GBS MIR*. GBS MIR is an application designed to assist examiners in the biometric processing of registration transactions that require manual review.

The configuration procedure should be done only after the installation step. For more information, consult the [GBS Apps Installation Manual](/gbs/en/web-components/gbsappssetup.md).

## Configuration

The configuration steps are:

1. Configure Tomcat;
2. Configure the Certificates;
3. Generate the encrypted password;
4. Finalize the configurations in the config.properties file.

All steps are described below. An example of the file `config.properties` can be seen in the section [Configuration File Example](#exemplo-do-arquivo-de-configuracao).

{% hint style="danger" %}
All lines must be present in the configuration file. Commenting out or deleting lines may cause unexpected behavior. For additional information, contact the Griaule Support Team.
{% endhint %}

### Tomcat Configuration

Edit Tomcat's configuration file to configure the certificates and the port the application will use.

```sh
vi /var/lib/tomcats/mir/conf/server.xml
```

To change the port, search for `connector port=`. This is the port for backend operations.

### Certificates Configuration

To enable SSL authentication, search for `connector port=` in the file `/conf/server.xml`.

There are two entries. The commented one is the configuration for SSL. Remove the comment delimiters `<!--` and `-->`, then adjust the following parameters:

```properties
port="58194"
keystoreFile="/home/griaule/keystore"
keystorePass="password"
keyAlias="1"
clientAuth="true"
truststoreFile="/home/griaule/keystore"
truststorePass="password"
```

The parameter `port` must be the desired network port for the application.

Change the path of the `keystoreFile` and the `truststoreFile` to the appropriate values. Do the same for the `keystorePass` and the `truststorePass`.

The parameter `clientAuth="true"` will require server authentication to the client and client authentication to the server. This means the client will need to import the certificate into the browser to be able to access the application.

{% hint style="warning" %}
When **clientAuth** is set to *true*, the system administrator must provide the file **certificate.pfx** to end users.
{% endhint %}

### Database Password Encryption

In the file `config.properties`, the parameter `jdbc.password` is an encrypted password. To generate the encrypted password, follow these steps:

1. Go to the following directory:

   ```sh
   cd /var/lib/tomcats/mir/webapps/gbs-mir-server/WEB-INF/lib
   ```
2. Run the command:

   ```sh
   java -cp gbs-common-db-<version>.jar com.griaule.commons.util.EncryptUtil <desiredPassword>
   ```
3. The encrypted password will appear after the message: *"Encrypted password is:"*

{% hint style="info" %}
Save the encrypted password. It will be used in later configurations.
{% endhint %}

### Application Configuration File

To configure the file, open it with:

```sh
vi /var/lib/tomcats/best/conf/config.properties
```

The most important changes in this file are the parameters `jdbc.url`, `jdbc.username`, `jdbc.password` and `gbds.url`. Configure them according to your environment.

The complete configuration file is shown in the section [Configuration File Example](#exemplo-do-arquivo-de-configuracao)

{% hint style="info" %}
Remember to replace the encrypted password generated in the section [Database Password Encryption](#criptografia-da-senha-do-banco-de-dados) in this file.
{% endhint %}

#### MIR Configuration

The last step is to configure the IP and port of the application that the end user will access. It must be the same IP and port configured in the section [Tomcat Configuration](#configuracao-do-tomcat).

```properties
mir.ip=<ip>
mir.port=<port>
mir.protocol=<protocol>
```

{% hint style="warning" %}
Make sure the configuration parameters `mir.ip`, `mir.port` and `mir.protocol` are correctly specified in the file `config.properties`. In many cases, the IP will be the same for several applications. However, each application will have a **different and unique port**.
{% endhint %}

## Finishing the Configurations

After completing all configuration steps, return to the [GBS Apps Installation Manual - Configuration Section](/gbs/en/web-components/gbsappssetup.md#configuracoes).

## Configuration File Example

This section shows an example of the file `config.properties`.

```properties
# GBS MIR Server

jdbc.driverClassName=com.mysql.jdbc.Driver
jdbc.url=jdbc:mysql://192.168.0.200:3306/etr?useSSL=false
jdbc.username=root
jdbc.password=CDrt8vbewA2YAubPNOLZkw==
jdbc.dialect=org.hibernate.dialect.MySQLDialect
jdbc.showSql=false

locale=en_us

gbds.url=http://192.168.0.200:8085
gbds.user=gbds.authenticate
gbds.key=Griaule.123
gbds.logLevel=INFO
gbds.timeout=300
gbds.listExceptions.label=

fingerprint.useSDK=true

listFields=KEY:RG

gbds.mirUser=mir_server
sync.logLevel=INFO
same.user.simultaneous.login=false

server.standalone.port=8185

biometric.modules=FINGERPRINT,FACE
highlight.labels=

profile.cacheSize=100

mir.ip=127.0.0.1
mir.port=8120
mir.protocol=http
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.griaule.com/gbs/en/web-components/mirwebconfig.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.