Environment data in Vault

Vault is supported for storing sensitive key-value pairs for Docker configuration. If you want to use this method of environment configuration, set CONFIGURE_MODE to Vault. With this setting, startup scripts fetch environment-related data from Vault when you start a Docker container.

You can have a Vault Tenant to represent your company (For example, MyCompany), EnvironmentName (For example, Non-production), and EnvironmentType (For example, auth).

Note: Consul and all related configurations were removed from HCL Commerce 9.1.9.0 and greater. The filename of the provided Vault Helm Chart, however, remains the same.

Storing key-value pairs in Vault

To set up Vault, see the Vault website. When you have a Vault ready for use, you can complete the following steps to store and retrieve key-value pairs.

Create a mount point based on the {Tenant}.

For example,

init_json='json_data={"type":"generic","description":"description","config":{"max_lease_ttl":"876000"}}'
header="X-Vault-Token:vaultToken"

curl -X POST -H $header -H "Content-Type:application/json" -d '{"type":"generic","description":"description","config":{"max_lease_ttl":"876000"}}' http://vaultIP:vaultPort/v1/sys/mounts/tenant

Store key-value pair data by using the following command.

curl -X POST -H "X-Vault-Token:vaultToken" -d '{"value":"value"}' http://vaultIP:vaultPort/v1/tenant/environmentName/enviromentType/targetKey

For example, to store the value "mall" for a key name "dbName" under path MyCompany/Non-production/auth/dbName:

curl -X POST -H "X-Vault-Token:7f47efbb-b162-619b-0ced-448079d91b77" -d '{"value":"mall"}' http://myhostname.com:8200/v1/MyCompany/Non-production/auth/dbName

Retrieving key-value pairs in Vault

Retrieve key-value pair data by using the following command.

curl -X GET -H "X-Vault-Token:vaultToken" http://VaultIP:VaultPort/v1/tenant/environmentName/enviromentType/targetKey | jq -r .data.value

Key-value data structure in Consul/Vault

The following tables list all of the default key-value paths on Consul/Vault.

The default EnvType values are auth and live.The only exception is the additional EnvType named data for the search-query-app application.

You can add your key-value paths based on your business requirements and define custom logic to fetch them.

The structure of the HCL Commerce deployment key-value pair reference is broken down into the following sections by function, and ordered by release level:

Name, port, security scheme, and certificate configurations


Vault path	Requirement	Description
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/domainName`	Optional	Specify the internal service domain name. If the deployed environment is on a special namespace on Kubernetes, then the domain name should be .svc.cluster.local. If no value is specified, then the default, `default.svc.cluster.local`, is used.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/externalDomainName`	Optional	This value specifies the store-web external domain name, which can be recognized by your browser. For example, in the hostname store.demo4qaauth.hcl.com, hcl.com is the external domain name.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/storeDomainMapping`	Optional	This value specifies the store name to domain name mapping. Using this value can map one store to multiple domain names. The format that is used is `sitename=domainname;sitename=domainname; ...`. For example, `AuroraESite=www.mycompany.com;AuroraESite=www.mycompany1.com;AuroraB2BESite=www.mycompany.b2b.com;`
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/zookeeperHost`	Mandatory	Specify a value if you want to set a zookeeperHost value, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/zookeeperPort`	Optional	Specify a value if you want to set a zookeeperPort value, instead of using the default value. The default value is `2181`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/zookeeperScheme`	Optional	Specify a value if you want to set a zookeeperScheme value, instead of using the default value. The default value is `http`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/redisHost`	Mandatory	Specify the Redis hostname that NiFi will connect to for event messages.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/redisPort`	Optional	Specify the Redis port number that NiFi will connect to for event messages. The default value is `6379`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/redisPasswordEncrypt`	Optional	The encrypted Redis server password.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/kafkaServers`	Optional	Specify a value if you want to enable ZooKeeper and Kafka. The format for this key-value pair is: `"kafkaServers": server1:port1,server1:port2`
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/kafkaTopicPrefix`	Optional	Specify a value if you want to config ZooKeeper and Kafka. If no value is specified, the following default value is applied. `${TENANT}${ENVIRONMENT}${ENVTYPE}`
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/kafkaTopicPrefix`	Optional	The Kafka authentication user ID.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/kafkaTopicPrefix`	Optional	The Kafka authentication user password.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/zooKeeperServers` Note: Deprecated and removed in HCL Commerce 9.1.12.0.	Optional Removed in 9.1.12.0+	Specify a value if you want to enable ZooKeeper and Kafka. The format for this key-value pair is: `"zooKeeperServers": server1:port1,server2:port2`
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/txnHost`	Optional	Specify a value if you want to set txnHost, instead of using the default value. Note: This value is used for the Transaction server Docker container only. The txHost value is used for all other containers.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/txnPort`	Optional	Specify a value if you want to set txnPort, instead of using the default value. Note: This value is used for the Transaction server Docker container only. The txPort value is used for all other containers.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/txHost`	Optional	Specify a value if you want to set txHost, instead of using the default value. Note: This value is used for all containers other than the Transaction server Docker container. To set the value for the Transaction server Docker container, use the txnHost value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/txPort`	Optional	Specify a value if you want to set txPort, instead of using the default value. Note: This value is used for all containers other than the Transaction server Docker container. To set the value for the Transaction server Docker container, use the txnPort value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/xcHost`	Optional	Specify a value if you want to set a host name for the Customization server, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/xcPort`	Optional	Specify a value if you want to set a port number for the Customization server, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/storeHost`	Optional	Specify a value if you want to set a value for the Store server Commerce Remote Store (CRS) store host, instead of using the default value. The default value is the `crs-app` service name.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/storePort`	Optional	Specify a value if you want to set a value for the Store server Commerce Remote Store (CRS) store port, instead of using the default value. The default value is `8443`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/previewPort`		Specify a value if you want to set previewPort, instead of using the default value. The default value is `443`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/storeWebHost`	Optional	Specify a value if you want to set storeWebHost, instead of using the default value. The default value is store.${TENANT}${ENVIRONMENT}${ENVTYPE}${EXTERNAL_DOMAIN_NAME}.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/storeWebPort`	Optional	Specify a value if you want to set storeWebPort, instead of using the default value. The default value is `443`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/reactStoreHost`	Optional	Specify a value if you want to set reactStoreHost, instead of using the default value. The default value is www.${TENANT}${ENVIRONMENT}${ENVTYPE}${EXTERNAL_DOMAIN_NAME}.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/reactStorePort`	Optional	Specify a value if you want to set reactStorePort, instead of using the default value. The default value is `443`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/reactStoreServiceHost`	Optional	Specify a value if you want to set reactStoreServiceHost, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/reactStoreServicePort`	Optional	Specify a value if you want to set reactStoreServicePort, instead of using the default value. The default value is `443`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/reactStorePreviewHost`	Optional	Specify a value if you want to set reactStorePreviewHost, instead of using the default value. The default value is store-preview.${TENANT}${ENVIRONMENT}${ENVTYPE}${EXTERNAL_DOMAIN_NAME.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/reactStorePreviewPort`	Optional	Specify a value if you want to set reactStorePreviewPort, instead of using the default value. The default value is `443`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/crs-sslport`	Optional	Specify if you want to set the store access security port to `SSLPort`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/crs-nonsslport`	Optional	Specify if you want to set the store access non-security port to `NONSSLPort`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/searchPort`	Optional	Specify a value if you want to set searchPort, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/searchScheme`	Optional	Specify a value if you want to set searchScheme, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/searchMasterHost`	Optional	The Search server host name. Note: This parameter is only required with the solr-based search solution auth environment. The default value is the solr search master service name.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/searchSlaveHost`	Optional	The Search server host name. Note: This parameter is only required to be defined within the live environment. The default value is the solr search slave service name.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/searchRepeaterHost`	Optional	The Search server host name. Note: This parameter is only required to be defined within the live environment. The default value is the solr search repeater service name.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/queryHost`	Optional	The Search server host name for the Elasticsearch-based search solution. Specify a value if you want to set queryHost, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/queryPort`	Optional	The Search server port number for the Elasticsearch-based search solution. Specify a value if you want to set queryPort, instead of using the default value. The default value is `30901`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/queryScheme`	Optional	The Search server scheme for the Elasticsearch-based search solution. Specify a value if you want to set queryScheme, instead of using the default value. The default value is `https`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiHost`	Optional	Specify a value if you want to set a nifiHost value, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiPort`	Optional	Specify a value if you want to set a nifiPort value, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiScheme`	Optional	Specify a value if you want to set a nifiScheme value, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiWebHttpPort`	Optional	Specify a value if you want to set a nifiWebHttpPort value, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/registryHost`	Optional	Specify a value if you want to set a registryHost value, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/registryPort`	Optional	Specify a value if you want to set a registryPort value, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/registryScheme`	Optional	Specify a value if you want to set a registryScheme value, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/queryHost`	Optional Removed in 9.1.12.0+	Specify a value if you want to set a queryHost value, instead of using the default value. Note: This keypair was replaced by queryHost in all releases HCL Commerce 9.1.12.0 and greater.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/queryPort`	Optional Removed in 9.1.12.0+	Specify a value if you want to set a queryPort value, instead of using the default value. Note: This keypair was replaced by queryPort in all releases HCL Commerce 9.1.12.0 and greater.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/queryScheme`	Optional Removed in 9.1.12.0+	Specify a value if you want to set a queryScheme value, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/ingestHost`	Optional	Specify a value if you want to set an ingestHost value, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/ingestPort`	Optional	Specify a value if you want to set an ingestPort value, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/ingestScheme`	Optional	Specify a value if you want to set an ingestScheme value, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/elasticSearchHost` Note: Mandatory when using the Elasticsearch-based search solution (ELASTICSEARCH_ENABLED is `true`).	Optional	Specify an elasticSearchHost value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/elasticSearchPort`	Optional	Specify a value if you want to set an elasticSearchPort value, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/elasticSearchScheme`	Optional	Specify a value if you want to set an elasticSearchScheme value, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/toolingBaseUrl`	Optional	This value is used by Management Center to load tooling single page application (SPA) from the tooling web server. `https://tooling-web-host:port/path-to-tooling-spa` Note: If you are using the Sapphire B2B headless store and need to launch the tooling in-store for approval, it is required to set up ingress so that the tooling web server can be hit through the store domain. For example, www.mycompany.com/tooling. Once ingress is enabled, you must configure toolingBaseUrl to use the store domain.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/approvalBaseUrl`	Optional	The Approval server base URL that is used by the Tooling Web Docker container. The format of the approval base URL https://`cmc-domain`:`port` For example, https://cmc.mycompanyauth.com:443. If this value is not specified, the Approval server base URL is obtained from the Tooling root, that being all characters before the first slash.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/certs/CertName`	Optional	Specify third-party certificate records. `demo2/qa/certs/demo2qa-test={‘certificate’: ‘asdfadsfadsfads’, ‘destination_host’: ‘adsfadsf’, ‘issuing_ca’: ‘fadsfadsfads’, ‘keystorepass’: ‘adsfadsfads’, ‘private_key’: ‘adsfadsfasd’}`
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/certsBundle`	Optional	Specify third-party certificate records. `demo2/qa/certsBundle={‘crsapp’: ‘demo2qa-testky’, ‘searchapp’: ‘demo2qa-test’, ‘storeapp’: ‘’, ‘tsapp’: ‘demo2qa-test’, ‘tsweb’: ‘’, ‘xcapp’: ‘’}`
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/allowedHost`	Optional	Specify white-listed host names for an associated module name. Host names are delineated by a comma, modules are delineated by a semi-colon. `Stores:host1.domain.com,host2.domain.com;LoBTools:host3.domain2.com,host4.domain2.com`
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/allowedDomain`	Optional	Specify white-listed domain names for an associated module name. Domain names are delineated by a comma, modules are delineated by a semi-colon. `Stores:domain1.com,domain2.com;LoBTools:domain3.com,domain4.com`
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/authJWKS`	Mandatory	Specify a value to set the JSON Web Key Set (JWKS) and key ID on the Transaction server. This is used to sign and validate the JSON Web Token (JWT). To generate a JWKS, see the generateJWKS utility.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/spiUserName`	Optional Mandatory (prior to 9.1.7.0)	The spiuser user name. If the value is not defined, then `spiuser` is used.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/spiUserPwd`	Mandatory	The ASCII encrypted spiuser user password. To set the password in your custom Docker containers, see Setting the spiuser password in your Docker images.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/adminSpiUserPwd`	Mandatory	The plain text spiuser user password. The ADMIN_SPIUSER_PWD must be the same value as SPIUSER_PWD but kept as plain text. To set the password in your custom Docker containers, see Setting the spiuser password in your Docker images.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/merchantKeyEncrypted`	Mandatory	The encrypted merchant key, encrypted with the key encryption key. The merchant key was created when you or an administrator loaded the HCL Commerce database schema. For more information, see: Loading the HCL Commerce database schema Generating encrypted data with the wcs_encrypt utility Important: You must specify your own merchant key and key encryption key values for the security of your HCL Commerce installation. Do not use the default values contained within the provided sample configuration files and documentation examples.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/keyEncryptionKey`	Optional	The plain text key that is used to encrypt the merchant key. The key encryption key is required to be 32 characters.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/sessionKeyEncrypt`	Mandatory Optional (prior to 9.1.12.0)	The encrypted session key value is generated using `wcs_encrypt.sh` utility to encrypt 32 random hexadecimal characters. Note: Do not specify an encryption key when running `wcs_encrypt.sh`. The Session key is used to encrypt cookies and sensitive customer facing data. For example, the krypto URL parameter. Important: You must specify your own session key for the security of your HCL Commerce installation. Do not use the default value contained within the provided sample configuration files and documentation examples.

Database configurations


Vault path	Requirement	Description
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/jdbcUrl`	Optional	Specify the database connection URL. The URL is constructed based on the database type and whether or not SSL is enabled. With SSL: `{ENVTYPE}_JDBC_URL="jdbc:db2://${ENVTYPE}_DBHOST}:{ENVTYPE}_DBPORT/{ENVTYPE}_DBNAME}:sslConnection=true;"` Without SSL: `{ENVTYPE}_JDBC_URL="jdbc:db2://${ENVTYPE}_DBHOST}:{ENVTYPE}_DBPORT/{ENVTYPE}_DBNAME}` With SSL: `{ENVTYPE}_JDBC_URL=jdbc:oracle:thin:@(DESCRIPTION=(ADDRESS=(PROTOCOL=tcps)(HOST={ENVTYPE}_DBHOST)(PORT={ENVTYPE}_DBPORT))(CONNECT_DATA=(SERVICE_NAME={ENVTYPE}_DBNAME)))` Without SSL:`ENVTYPE_JDBC_URL="jdbc:oracle:thin:@"{ENVTYPE}_DBHOST:{ENVTYPE}_DBPORT/{ENVTYPE}_DBNAME`
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/jdbcDriver`	Optional	Specify a value if you want to change the default database driver location for NiFi. The default values are: /opt/nifi/nifi-current/lib/db2jcc4.jar /opt/nifi/nifi-current/lib/ojdbc8.jar
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/jdbcDriverClass`	Optional	Specify a value if you want to change the default database driver class for NiFi. The default values are: com.ibm.db2.jcc.DB2Driver oracle.jdbc.driver.OracleDriver
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbSSLEnable`	Optional	Specify whether the database connection uses SSL. Accepted values are: `true` for an SSL connection. `false` for an unencrypted connection. The default value is `false`. Note: You can also specify datasource credentials through the start up command if you do not want to retrieve the datasource values from Vault.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbHost`	Mandatory	The database host name for the environment. Note: This value is only mandatory in the auth environment for `WCPublishDataSource`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbName`	Mandatory	The database name. Note: This value is only mandatory in the auth environment for `WCPublishDataSource`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbPort`	Mandatory	The database port number. Note: This value is only mandatory in the auth environment for `WCPublishDataSource`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbUser`	Mandatory	The HCL Commerce database user name. Note: This value is only mandatory in the auth environment for `WCPublishDataSource`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbPassword`	Mandatory	The HCL Commerce database user password. Note: This value is only mandatory in the auth environment for `WCPublishDataSource`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbPassEncrypt`	Mandatory	The encrypted HCL Commerce database user password.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbaUser`	Mandatory	The database administrator user name.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbaPassEncrypt`	Mandatory	The encrypted database administrator user password.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbType`	Optional	The database type. Accepted values are: `db2` for IBM Db2 Database. `oracle` for Oracle Database. The default value is `db2`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbSchema`	Optional	The database schema.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dbXA`	Optional	Specify if the XA function is enabled for the database. Accepted values are: `true` for enabled. `false` for disabled. The default value is `false`. Note: You can also specify datasource credentials through the start up command if you do not want to retrieve the datasource values from Vault.

Search configuration


Vault path	Requirement	Description
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/elasticSearchEnabled`	Mandatory	Specify whether the environment uses Elasticsearch-based search or Solr-based search. Accepted values are: `true` for Elasticsearch-based search. `false` for Solr-based search.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/searchQueryBaseUrl`	Optional	Specify the Search Query server to be used by Tooling. The format of the Search Query base URL is https://`query-domain`:`port`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/searchDataQueryBaseUrl`	Optional	Specify the Search Data Query server to be used by Tooling. The format of the Search Data Query base URL is https://`data-query-domain`:`port`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/queryScanPackages`	Optional	Specify an additional comma separated list of Java package names that the Query service should scan for processing.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/enableFeatureNlp`	Optional	Specify a value if you want to set the natural language processing feature. Note: This feature requires the Elasticsearch-based search solution. Accepted values are: `true` to enable natural language processing in search queries. `false` to expressly disable natural language processing in search queries. Note: This feature was deprecated in HCL Commerce 9.1.2.0. NLP is now specified using nlpEnableLanguageCode.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nlpEnableLanguageCode`	Optional	The language code for the Natural Language Processing (NLP) feature. Specify a comma separated list of language codes for natural language processing. For example, `en,es`. In this example, NLP is enabled for both English and Spanish. For HCL Commerce 9.1.11.0 and greater, there is no default value. You must specify a value if you want to enable NLP. If you do not set this value, or leave it empty, NLP remains disabled. For HCL Commerce 9.1.0.0 through 9.1.10.0, the default value is set to `en`, which enables the NLP feature for the English language.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nlpLemmatizationFeature`	Optional	Specify whether or not to enable the lemmatization feature for natural language processing. Note: Deprecated as of HCL Commerce 9.1.11.1. This value must remain as `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiClusterIsNode`	Optional	Specify whether the NiFi installation is a standalone installation. Accepted values are: `true` for a node in a NiFi cluster. `false` for standalone installation. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiClusterNodeProtocalPort`	Optional	Specify a value for the NiFi cluster node port. The default value is `8082`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiElectionMaxWait`	Optional	Specify a value if you want to if you want to set the maximum wait time for the NiFi election node service.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiJvmHeapInit`	Optional	Specify a value if you want to set a `nifiJvmHeapInit` value, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nifiJvmHeapMax`	Optional	Specify a value for the maximum JVM heap size for NiFi. The default value is `4096m`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/elasticSearchShardCount`	Optional	Specify the number of shards to store the indexes for that environment, within the Elasticsearch service. The default value is `1`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/elasticSearchReplicaCount`	Optional	Specify the number of replicas for indexes for that environment, within the Elasticsearch service. The default value is `0`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/autoUpdatePipeVersion`	Optional	Specify whether to automatically update the Ingest server pipe version. If set to `true`, then automatic upgrades to the latest version in the registry will occur during an Ingest restart, reverting all local changes. If set to `false`, then no automatic upgrades will take place. You can still use Ingest APIs to reset and upgrade any pipe. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/search-registry-app/schedulerWaitSeconds`	Optional	The registry service scheduler job run interval, in seconds. The default value is `300` seconds (5 minutes). As of the HCL Commerce9.1.14.0 release, the NiFi Registry container is now run as a non-root user. However, the cron job that is used to run the scheduler is required to run as the root user. Therefore, this mechanism is introduced to run scheduled_job.sh. You can check the log at the following path, /SETUP/scheduler/job.log.

Tooling configuration


Vault path	Requirement	Description
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/allowTelemetry`	Mandatory	Management Center for HCL Commerce in all releases 9.1.12.0 and greater now report business user analytics to HCL. This information assists HCL in the development of new features and the enhancement of existing business user tools. Accepted values are: `yes`, to enable Google Analytics. `no`, to disable Google Analytics. The default value is `yes`. If enabled, the deploymentType parameter is required to be specified.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/deploymentType`	Mandatory	The deployment type. This value is required when allowTelemetry value is `yes`, but is ignored if the allowTelemetry value is set to `no`. Accepted values are: `development`, `staging`, `production`. Important: When starting the Tooling Web Docker container in versions 9.1.12.0 through 9.1.14.0, you must set the container deployment type. Failure to do so will prevent the container from starting. Ensure that you set the deployment type via the DEPLOYMENT_TYPE container environment variable, or in Vault at the following path `${VAULT_URL}/${TENANT}/${ENVIRONMENT}/deploymentType`. Accepted values are `development`, `staging`, or `production`.

Store, order, and inventory configuration


Vault path	Requirement	Description
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/store-web/extraContentSecurityPolicySource`	Optional	Specify additional host names for the Content Security Policy (CSP) for the `store-web` container. The format of this value must conform to the content security policy source list standard. Failure to specify CSP correctly will trigger Cross Site Scripting (XSS) protection in browsers. Third-party analytics, images, style sheets, or other scripts that are hosted on a secondary domain or third-party domain will fail to load in the browser, resulting in features of your site failing otherwise gracefully. The default values supplied by HCL Commerce include your domain (EXTERNAL_DOMAIN_NAME), as well as analytics and file hosting from Google. Additional hostnames supplied via this variable include `frame-ancestors`, `frame-src`, `default-src`, `child-src`, `script-src`, `connect-src`, `style-src`, `font-src` and `img-src` definitions. For example: `.seconddomain.com` or `.seconddomain.com *.thirdpartydomain.com`
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ts-web/extraContentSecurityPolicySource`	Optional	Specify additional host names for the Content Security Policy (CSP) for the Web server Docker container (`ts-web`). The format of this value must conform to the content security policy source list standard. Failure to specify CSP correctly will trigger Cross Site Scripting (XSS) protection in browsers. Third-party analytics, images, style sheets, or other scripts that are hosted on a secondary domain or third-party domain will fail to load in the browser, resulting in features of your site failing otherwise gracefully. The default values supplied by HCL Commerce include your domain (EXTERNAL_DOMAIN_NAME), as well as analytics and file hosting from Google. Additional hostnames supplied via this variable include `frame-ancestors`, `frame-src`, `default-src`, `child-src`, `script-src`, `connect-src`, `style-src`, `font-src` and `img-src` definitions. For example: `.seconddomain.com` or `.seconddomain.com *.thirdpartydomain.com`
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/hystrixEnable`	Optional	Specify if you want to enable Hystrix. For more information on Hystrix, see Hystrix on the Store server. Accepted values are: `true` to enable Hystrix. `false` to leave Hystrix disabled. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/autoOrderCommentEventListenerEnabled`	Optional	Enable or disable the auto order comment event listener. By default this value is set to `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/useSemiColonForMarketplaceCSVDelimiter`	Optional	Enable or disable the use of a semi-colon ';' as the Marketplace CSV file delimiter. By default this value is set to `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/inventoryShowActualQuantity`	Optional	In a non-ATP inventory system with the noCheck parameter set for a catentry inventory (a value of `2` in the database), the API returns `1.0` as the quantity. To show the actual quantity, set this value to `true`. By default this value is set to `false`.

Nextjs Ruby store configuration


Vault path	Requirement	Description
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/nodeInstanceNumber/nextjs-app`	Optional	Defines the maximum number of concurrent Node processes that can be run by the Node.js cluster API. Note: The value that is specified in Vault takes precedence over other configuration methods.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/reactStoreMapApiKey`	Mandatory	The Google Maps API key that is used by the React store.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/logLevel/nextjs-app`	Optional	The log level used for troubleshooting purposes. Available log levels are: `trace` `debug` `info` `warn` `error` `fatal` Note: When configured as `trace`, all messages are displayed. When configured as `debug`, all messages are displayed except those tagged as `trace`. When configured as `info`, all messages at levels `info` through `fatal` are displayed. By default, server-side API client log messages are displayed at level: `info` `trace` .
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/logSensorString/nextjs-app`	Optional	Defines the masking string that is used in logs to mask sensitive information, for example, messages with GDPR-related content. The set of values to mask are identified by their keys in the logging/core/redactionKeys.ts configuration file. For more information, see https://getpino.io/#/docs/redaction. The default value given in the template is `GDPR COMPLIANT`. If the value is empty, or not set, then the censor string that is used is `****`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/searchOrchestrationBaseUrl`	Mandatory when Orchestration is enabled	The Orchestration server base URL that is used by the Orchestration Docker container. The format of the approval base URL is https://orchestration-domain:port For example, https://orchestration.mycompanyauth.com:443.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/orchestrationHost`	Optional	The Orchestration server host name. The default value is `orchestration`. `${TENANT}${ENVIRONMENT}${ENVTYPE}.${EXTERNAL_DOMAIN_NAME}`. Specify a value if you want to set orchestration `Host`, instead of using the default value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/orchestrationPort`	Optional	The orchestration port number. Default value: 19443. Specify a value if you want to set orchestrationPort, instead of using the default value.

Logging and health configuration


Vault path	Requirement	Description
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/enableJsonLogging`		Enable JSON logging. Accepted values are `true` to enable JSON logging. `false` to disable JSON logging. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/jdbcMonitorEnable/ts-app`	Optional	Specify whether to enable the JDBC monitor. Accepted values are: `true` to enable the JDBC monitor. `false` for disable the JDBC monitor. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/healthCenterEnable/ts-app`	Optional	Specify a value if you want to enable Health Center. Accepted values are: `true` for enabling Health Center. `false` for not enabling Heather Center. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/healthCenterEnable/search-app`	Optional	Specify a value if you want to enable Health Center. Accepted values are: `true` for enabling Health Center. `false` for not enabling Heather Center. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/healthCenterEnable/xc-app`	Optional	Specify a value if you want to enable Health Center. Accepted values are: `true` for enabling Health Center. `false` for not enabling Heather Center. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/healthCenterEnable/crs-app`	Optional	Specify a value if you want to enable Health Center. Accepted values are: `true` for enabling Health Center. `false` for not enabling Heather Center. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/healthCenterEnable/search-query-app`	Optional	Specify a value if you want to enable Health Center. Accepted values are: `true` for enabling Health Center. `false` for not enabling Heather Center. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/healthCenterEnable/search-ingest-app`	Optional	Specify a value if you want to enable Health Center. Accepted values are: `true` for enabling Health Center. `false` for not enabling Heather Center. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/traceSpecification/ts-app`	Optional	If you want to change the trace specification for the Transaction server, specify a value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/traceFileMaximumNumber/ts-app`	Optional	The size of the trace log file, in MB. The accepted value is an integer in the range from `1` to `20000` (20,000). By default this value is set to `20`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/traceFileMaximumSize/ts-app`	Optional	The maximum number of historical trace files. The accepted range is from `1` to `50`. By default this value is set to `5`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/traceSpecification/search-app`	Optional	If you want to change the trace specification for the Search server, specify a value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/traceSpecification/crs-app`	Optional	If you want to change the trace specification for the Store server, specify a value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/traceSpecification/xc-app`	Optional	If you want to change the trace specification for the Customization server, specify a value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/traceSpecification/search-ingest-app`	Optional	If you want to change the trace specification for the Ingest server, specify a value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/traceSpecification/search-query-app`	Optional	If you want to change the trace specification for the Query server, specify a value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/traceSpecification/cache-manager`	Optional	If you want to change the trace specification for the Cache Manager application, specify a value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/traceSpecification/must-gather-app`	Optional	If you want to change the trace specification for the Must-Gather application, specify a value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/traceSpecification/nextjs-app`	Optional	Defines which API methods are logged. Functions can be filtered using a comma-separated list. `TRACE_DETAILS=findProducts,getV2CategoryResources` This specification will display the log messages from the `findProducts` and the `getV2CategoryResources` functions only. By default, this value is left empty. This implies that all functions are logged. `TRACE_DETAILS=`
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/threadMonitorEnable/ts-app`	Optional	Specify a value if you want to enable Thread Monitor. Accepted values are: `true` for enabling Thread Monitor. `false` for not enabling Thread Monitor. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/threadMonitorEnable/xc-app`	Optional	Specify a value if you want to enable Thread Monitor. Accepted values are: `true` for enabling Thread Monitor. `false` for not enabling Thread Monitor. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/threadMonitorEnable/search-app`	Optional	Specify a value if you want to enable Thread Monitor. Accepted values are: `true` for enabling Thread Monitor. `false` for not enabling Thread Monitor. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/threadMonitorEnable/crs-app`	Optional	Specify a value if you want to enable Thread Monitor. Accepted values are: `true` for enabling Thread Monitor. `false` for not enabling Thread Monitor. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/threadMonitorEnable/search-ingest-app`	Optional	Specify a value if you want to enable Thread Monitor. Accepted values are: `true` for enabling Thread Monitor. `false` for not enabling Thread Monitor. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/threadMonitorEnable/search-query-app`	Optional	Specify a value if you want to enable Thread Monitor. Accepted values are: `true` for enabling Thread Monitor. `false` for not enabling Thread Monitor. The default value is `false`.

Integration, and other miscellaneous configurations


Vault path	Requirement	Description
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/jvmContainerSupport`	Optional
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/marketingEventListenerEnabled`	Optional	Enable the marketing event listener. Accepted values are: `true` to enable the listener. `false` to disable the listener. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ssoEnable`	Optional	Specify whether to enable or disable single sign-on (SSO). Accepted values are: `true` for enabling SSO. `false` for disabling SSO. The default value is `false`. For more information, see Enabling single sign-on.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ssoDomain`	Optional (Mandatory if ssoEnable is set to `true`.)	Specify the domain name that contains a set of hosts to which SSO applies. Accepted values are: `true` for enabling SSO. `false` for disabling SSO. The default value is `false`. This key value is required to be defined if ssoEnable is set to `true`. For more information, see Enabling single sign-on.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ssoSSL`	Optional (Mandatory if ssoEnable is set to `true`.)	Specify whether an SSL connection is used for SSO requests. Accepted values are: `true` for enabling SSL for SSO requests. `false` for disabling SSL for SSO requests. This key value is required to be defined if ssoEnable is set to `true`. For more information, see Enabling single sign-on.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ssoKeepAliveSession`	Optional	Specify whether to enable or disable the single sign-on (SSO) keepAliveSession feature on the Transaction server. Accepted values are: `true` for enabling the keepAliveSession parameter. `false` for disabling the keepAliveSession parameter. The default value is `false`. For more information, see Enabling single sign-on.

HCL Digital Experience integration


Vault path	Requirement	Description
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dxHost`	Optional	The hostnames for either the `auth` or `live` instances of HCL Digital Experience (DX). This is required to integrate HCL Commerce with DX. Note: This integration is only supported on a Kubernetes deployment. If you have followed the instructions to pass in the HCL Commerce store domain name for the Host Override value when deploying DX, then HCL Digital Experience will share the same domain name as the HCL Commerce store. For more information, see Integrating HCL Digital Experience with HCL Commerce.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dxPort`	Optional	The port number for the HCL Digital Experience (DX) `auth` or `live` instance. The default value is set to `443` if the DX hostname has been set and there is no custom value specified.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/dxScheme`	Optional	The scheme for the HCL Digital Experience (DX) `auth` or `live` instance. The default value is set to `https` if the DX hostname has been set and there is no custom value specified.

Must-Gather logging


Vault path	Requirement	Description
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/logElasticSearchHost`	Mandatory	The Elasticsearch log host name used by Must-Gather.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/logElasticSearchPort`	Mandatory	The Elasticsearch log port number used by Must-Gather.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/maxDocsPerService`	Optional	The maximum number of documents to retrieve from the Elasticsearch log.

LDAP integration


Vault path	Requirement	Description
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ldapType`	Mandatory (when LDAP is enabled)	The LDAP server type. Accepted values are: `IDS` for IBM Directory Server `DOMINO` for IBM Lotus Domino `SUNONE` for Sun Java System Directory Server `AD` for Microsoft Windows Active Directory `NDS` for Novell Directory Services `CUSTOM` for a custom directory server
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ldapHost`	Mandatory (when LDAP is enabled)	The fully qualified LDAP server host name.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ldapPort`	Mandatory (when LDAP is enabled)	The LDAP server port number.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ldapSSL`	Optional	Specify whether the LDAP server requires an SSL connection. Accepted values are: `true` for SSL. `false` for no SSL.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ldapLoginProp`	Mandatory (when LDAP is enabled)	The LDAP property names that are used to log into the application server.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ldapRealmName`	Mandatory (when LDAP is enabled)	Specify a value for the Realm name, instead of using the default value. The default value is `myrealm`. Note: If you are integrating with HCL Digital Experience, you must use the same Realm name for both.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ldapUserFilter`	Mandatory (when LDAP is enabled)	The LDAP user search filter. Only used for the custom LDAP type.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ldapUserPrefix`	Mandatory (when LDAP is enabled)	The LDAP user prefix.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ldapBindPassword`	Mandatory (when LDAP is enabled)	The LDAP bind password XOR encoded by the WebSphere Application Server V8.5.5 Liberty securityUtility utility. For example: `securityUtility encode --encoding=xor passw0rd` For more information on the securityUtility utility, see securityUtility command in the WebSphere Application Server V8.5.5 Liberty documentation.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ldapBindDN`	Mandatory (when LDAP is enabled)	The LDAP bind distinguished name (DN). The value must be in lower case.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ldapBaseDN`	Mandatory (when LDAP is enabled)	The LDAP search base distinguished name (DN). The value must be in lower case.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ldapRootOrgDN`	Mandatory (when LDAP is enabled)	The full distinguished name (DN) that maps to the HCL Commerce root organization. The value must be in lower case.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/ldapDefaultOrgDN`	Mandatory (when LDAP is enabled)	The full distinguished name (DN) that maps to the HCL Commerce default organization. The value must be in lower case.

IBM MQ integration


Vault path	Requirement	Description
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/mqEnable`	Optional	Specify whether to enable IBM MQ integration. Accepted values are: `true` for IBM MQ integration. `false` for no IBM MQ integration. The default value is `false`.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/mqEnableActivitySessionTimoutPeriod`	Mandatory (when MQ integration is enabled)	The session timeout value.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/mqMaxConnection`	Mandatory (when MQ integration is enabled)	The maximum number of connections allowed with IBM MQ.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/mqHost`	Mandatory (when MQ integration is enabled)	The hostname of the IBM MQ server.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/mqPort`	Mandatory (when MQ integration is enabled)	The port number of the IBM MQ server.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/mqQueueManagerName`	Mandatory (when MQ integration is enabled)	The IBM MQ Queue Manager used by HCL Commerce to connect to the IBM MQ server.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/mqErrorQueueName`	Mandatory (when MQ integration is enabled)	The IBM MQ Error Queue Name.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/mqInboundQueueName`	Mandatory (when MQ integration is enabled)	The IBM MQ Queue Name.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/mqSerialInboundQueueName`	Mandatory (when MQ integration is enabled)	The IBM MQ Queue Name to process messages in series.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/mqParallelInboundQueueName`	Mandatory (when MQ integration is enabled)	The IBM MQ Queue Name to process messages in parallel.
`${VAULT_URL}/${TENANT}/${ENVIRONMENT}/${ENVTYPE}/mqOutboundQueueName`	Mandatory (when MQ integration is enabled)	The IBM MQ Outbound Queue Name.