Changing Java Additional Parameters
Adding or modifying parameters in the configuration file is considered an advanced configuration change. Most installations don't require any additional parameters, nor do they require modification to existing parameters. We generally discourage most users from making changes to parameters in the configuration file, as doing so could result some unintended behavior or security vulnerabilities. We list the parameters on this page for the sake of transparency. If you choose to add or modify parameters in the the configuration file, you do so at your own risk.
A section of the configuration file contains a header stating "Java Additional Parameters". This section allows for a large number of configuration changes, and merits having some discussion on how to add new parameters. On install, the Java Additional Parameters section may look like the following:
Adding or modifying parameters in the configuration file is considered an advanced configuration change. Most installations don't require any additional parameters, nor do they require modification to existing parameters. We generally discourage most users from making changes to parameters in the configuration file, as doing so could result some unintended behavior or security vulnerabilities. We list the parameters on this page for the sake of transparency.
If you choose to add or modify parameters in the the configuration file, you do so at your own risk.
When adding a new parameter, the "
wrapper.java.additional.#" prefix must be added to a new line. Each parameter contains a prefix ("
wrapper.java.additional.#"), a key, and a value that the key will be set to. Generally speaking, each parameter in the file should follow the pattern below:
Uncommented parameters should be listed in ascending numerical order, based on the number at the end of the prefix, as shown below.
Designer and Vision Client Parameters (H2)
Suppressing Error Message Details (H3)
By default, error messages in the Designer and Client report a stack trace, which provides granular information about the source of the error. However in some cases, these stack traces may include sensitive information from the Gateway. You can restrict the amount of information presented in these error messages with the following parameter:
Where %Value% is one of the following values:
|NONE||Errors are not suppressed at all. This is functionally the same as not specifying the parameter at all. (default behavior)|
|CLIENT||Error messages for client sessions will be suppressed, but not designer sessions.|
|ALL||Error messages for both clients and the designer will be suppressed.|
Gateway Security HTTP Headers and Configuration
Gateways use more secure security headers. The default settings are listed below, along with their associated keys. These parameters mainly impact Perspective sessions, as well as any pages hosted on Ignition's web server.
Strict Transport Security
The following keys interact with the Strict-Transport-Security header. Enabling the header involves setting the
Dignition.https.sts.maxAge key to a non-zero value. By default, the header is disabled.
Sets the maximum age of the Strict Transport Security header. The value should be set to an integer, representing a number of seconds.
|Applies the |
This parameter allows websites to tell the browser to only connect using HTTPS. It can be set to "
The following keys interact with the Referrer-Policy header: By default, the header is enabled with a value of
Allows you to enable or disable the Referrer-Policy header. Expects a
Sets the value of the Referrer-Policy.
X Content Type Options
The following keys interact with the X-Content-Type-Options header: By default, the header is enabled with a value of
Allows you to enable or disable the X-Content-Type-Options header. Expects a
Determines the value of the X-Content-Type-Options.
X Frame Options
The following keys interact with the X-Frame-Options header: By default, the header is enabled with a value of
Enables or disables the X-Frame-Options header.
Determines the value of the X-Frame-Options header
X XSS Protection
The following keys interact with the X-XSS-Protection header. By default, the header is enabled with a value of
Enables or disables the X-XSS-Protection header.
Determines the value of the X-XSS-Protection header.
Maximum Form Size
Hosted Launcher Installers
Normally, each Ignition Gateway includes files for the various launchers. When you download a launcher from a Gateway, it simply streams its local launcher files. However, you can override this behavior, causing the Gateway to ignore it's local launcher files and instead download launchers from the internet. This is an uncommon configuration for most cases, as it was devised primarily to aid with systems where memory limitations are strict (such as physical devices that include preinstalled Ignition Gateways).
Enabling Hosted Launchers
The following parameter (and value) enables the use of hosted launchers. While enabled, the Gateway will only ever attempt to retrieve the hosted launchers, meaning it will ignore the local launcher files.
Hosted Launcher Version
By default, enabling Hosted Launchers will cause the Gateway to retrieve launchers version appropriate launchers: 8.0.0 launchers for 8.0.0 Gateways, 8.1.0 launchers for 8.1.0 Gateways, etc.
The parameter below can be used to explicitly state which launcher version to retrieve. Generally, this is not recommended, but can potentially be useful if you're looking for a specific launcher version. It requires that
-Dignition.hostedLaunchers is set to "true".
You can specify which edition of Ignition a Gateway should be set to with the parameter demonstrated below.
- Standard Ignition -
- Ignition Edge -
- Ignition Maker -
Loading Unsigned Modules - "Developer Mode"
Normally, an Ignition Gateway will not allow unsigned module to be installed. This restriction can be disabled with the flag below. This is normally done in cases where a user is developing a custom module, and wants to install it without having the module signed.
Gateway Network Parameters
By default, gateway remote providers can only "hop" two gateways away. For example, assume the numbers below represent gateways, which are all connected over a gateway network.
Normally, gateway 1 only has access to gateway 2 and 3. Gateway 4 is too far away. However this can be changed by adding the following to Gateway 1's configuration file:
Perspective Web Socket Compression
You can remove the compression header for perspective web socket connections.
This parameter is generally only used in cases where a Microsoft IIS based firewall is acting like a reverse proxy, and needs to be able to rewrite secure web-socket messages.
Perspective Session Route Handling
The following parameters are used to modify route handling for Perspective Sessions. Most systems will not need to modify these parameters. However increasing the values of these parameters may be helpful in cases where large project updates are sent out to active Perspective Sessions over a spotty network. A low timeout and concurrency in that scenario may result in browser timeouts.
Determines the number of concurrency sessions. Defaults to 25.
Determines the timeout period when receiving project updates. Defaults to 5000 milliseconds.
Store and Forward Parameters
It is possible to adjust the refresh rate of the System Tag Provider's System Tags. To do so, add the following system flag in the ignition.conf file:
Where "####" is the rate in milliseconds that the Tags should refresh at. Default refresh rate is 5000 milliseconds.
Tag Historian Parameters
Tag Historian Query Syntax
The Ignition Tag Historian stores and queries data in a particular way. When a Tag has Tag History enabled on it, an entry is generated for this Tag inside the sqlth_te table in your database. This Tag's Tag path, along with other Tag attributes, are stored in this table. Every Tag entry in the sqlth_te table has a unique Tag id which is used by the Tag Historian to identify each Tag. Whenever we make any type of change to this Tag's historical configurations, such as its Tag Group for instance, the current sqlth_te table entry for this Tag becomes retired and a new, unretired entry for this Tag gets created with a new Tag id. Due to this dynamic, it is common for a Tag path in the sqlth_te table to be associated with more than one Tag id. When a Tag History query executes for a specific Tag, a check is made against the sqlth_te table for all the Tag id's that match this Tag's Tag path. These Tag id's are then used to build a dynamic SQL query like the one shown below:
When we query Tag history for a Tag with three Tag id's associated with its Tag path, the system uses repetitive OR clauses to account for all the Tag id's for this Tag. Additional OR clauses in this fashion can be hard for databases to optimize. For this reason, we changed the query generating mechanism to use the IN operator like so:
The use of the IN operator allows for better database side query optimization. Users who want to change their historian to use the old query constructor with OR operators can do so by placing the following system flag in the ignition.conf file: