Configuring the Krypton service

Krypton is an engine for raw, transcribed recognition and large vocabulary continuous recognition.

Management Station displays commonly-used properties on the Settings tab, and the following tables shows some of these properties. (Management Station does not display less-common parameters, but you can add them to the display at any time. For a complete list, see Speech product parameters.)

Note: Krypton is packaged with a self-signed certificate and pre-configured to enable secure connections using TLS/SSL. You can use the self-signed certificates for testing and development, but for a secure production environment you need to acquire a certificate signed by a Certificate Authority (CA), and a PEM-formatted private key. Then configure the properties described below under HTTPS settings and These HTTP client settings also affect HTTPS communication paths. (The httpClient properties control how the service behaves when acting as a client. ).

HTTPS settings

Service property

Description

Data type

Default

https : port

Port where the Krypton listens for HTTPS requests.

INT

8600

https : host

The host where the Krypton HTTPS listener port (https : port) is defined.

STRING  

https : keyFile

Path and filename of a private key.

STRING ./keys/server.key

https : certFile

Path and filename of the signed certificate file for Krypton.

STRING ./keys/server.crt

https : passphrase

The encrypted passphrase for the service's private keyfile.

STRING  

https : requestCert

Requests and verifies a certificate from clients that try to connect to via HTTPS.

BOOLEAN false

https : rejectUnauthorized

When the service acts as a client, this property requires servers to be authorized by valid certificates.

BOOLEAN true

https : caCertificates

Certificate authority (CA) files to use when authenticating certificates.

STRING  

Trust setting

Service property

Description

Data type

Default

trust : maxClockDrift

Specifies the drift tolerance (in seconds) between client and server hosts for security verification purposes. Based on difference in UUID timestamps, with a valid range of 1-120 seconds and default value of 15 seconds. INT 15

Licensing setting

Service property

Description

Data type

Default

license : path

Port and IP address of the Nuance License Manager, using the format:

port@ip_address

STRING 27000@localhost

Logging settings

Service property

Description

Data type

Default

log : level

Logging level for the Krypton session, one of fatal, error, warn, status, info, debug, or trace.

In Management Station, logging levels set on the General tab take precedence over those set via the service Settings tab.
STRING info (The Management Station default logging level is STATUS, and it overrides this default value.)

log : maxSize

Maximum log file size in bytes.

INT 5242880

log : maxFiles

Maximum number of log files.

INT 5

Data pack settings

Service property

Description

Data type

Default

dataPack : languages

Optional. One or more data pack names. Use a comma-separated list to specify two or more data packs. For example:

[ndp-eng-USA-GEN-3.7.0,ndp-cmn-CHN-GEN-3.7.0]
STRING  

dataPack : s3Config

Name of a configuration package that applies to all data packs.

The package name is its directory name under NDP_HOME.

For example:

ndp-s3config-3.7.0
STRING  

HTTP client settings (also affects HTTPS)

These HTTP client settings also affect HTTPS communication paths. (The httpClient properties control how the service behaves when acting as a client. )

Service property

Description

Data type

Default

httpClient : requestTimeoutMs

Maximum time, in milliseconds, to wait for a response.

Default is 10000 (10 seconds).

INT 10000

httpClient : followRedirect

Specifies whether to enable HTTP 3xx responses as redirects. When disabled, 3xx responses are treated as errors.

BOOLEAN true

httpClient : maxRedirects

Maximum number of redirects to follow.

INT 10

httpClient : rejectUnauthorized

When the service acts as a client, this property requires servers to be authorized by valid certificates.

BOOLEAN false

httpClient : keyFile

Server's private key PEM filename.

The filepath is relative to $KR_DATA_DIR/config. You cannot specify an absolute path.

STRING  

httpClient : certFile

Server's X.509 certificate PEM filename.

The filepath is relative to $KR_DATA_DIR/config. You cannot specify an absolute path.

STRING  

httpClient : passphrase

Private keyfile encrypted passphrase.

STRING  

httpClient : caCertificates

Certificate authority (CA) files to use when authenticating certificates.

When httpClient : rejectUnauthorized (above) is true, list of certificates to use to validate the certificates of an HTTPS resource. Comma-separated list of certification authority's (CA) X.509 certificate files in PEM format (one file per CA).

The filepath is relative to $KR_DATA_DIR/config. You cannot specify an absolute path.

STRING  

httpClient : cache : enable

Specifies whether to enable disk caching. This optional disk cache holds downloaded recognition objects including wordsets and domain language models.

BOOLEAN false

httpClient : cache : maxSize

Maximum size of the disk cache, in kilobytes.

INT 500

httpClient : cache : cleanAfterNumSessionsCompleted

After this number of session terminations, the cache purges itself of any expired objects.

INT 5

httpClient : cache : saveToDisk

Specifies whether to save the cache status on exit and reload it when the host restarts.

BOOLEAN false

Resource Manager settings

Service property

Description

Data type

Default

defaultHostName

Krypton hostname used by Resource Manager.

When provided, this value specifies a particular hostname to register with the Resource Manager. When not set, the hostname is determined by defaultNetworkInterface (see below), or defaults to the name of the host where the Krypton instance is running.

For hosts with a single assigned hostname no setting is required, but for multi-homed hosts these parameters allow you to specify which of several host addresses to use.

The defaultHostName setting takes precedence over defaultNetworkInterface settings.

STRING  

defaultNetworkInterface

Network interface name and protocol family of the Krypton instance.

Where:

  • defaultNetworkInterface : name is the network interface name
  • defaultNetworkInterface : protocol is the protocol family (default IPv4)

When both parameters are set, they provide the default value for defaultHostName above.

STRING  

defaultHostName

Hostname or IP address of the Resource Manager host. Setting this parameter enables Resource Manager, allowing Krypton to publish its capabilities to Resource Manager.

STRING  

rmRegistration : retryInterval

Time to wait, in milliseconds, before attempting to reconnect to Resource Manager.

Default is 5 seconds.

INT 5000
rmRegistration : urls

Connects Krypton to the hostname and port of the Resource Manager listener.

STRING  

Preloading Krypton Modules

To preload Krypton modules, edit the service’s configuration file and then start the service.

Open the krypton.yaml file manually and specify the DLM in the preload section of the configuration.

Note: this must be done by editing the configuration file. You can view the preload configuration in Management Station but please do not edit these settings from Management Station because they will not be parsed correctly.

Note: Krypton modules (DLMs) are not cached across application restarts.

The preload section of the .yaml file uses the following format:

preload:
  - dataPack: 
      language:
      topic:
    objects:  
      - url: 
        weight: 
        type: 		

These fields are defined as follows:

Service property

Description

Data type

Default

preload:dataPack An array of one or more data packs with DLMs to preload into the instance. For multi-language applications, repeat the language, topic, and objects fields. object n/a
preload:dataPack:language Language and locale identifier in the form xxx-YYY, for example eng-USA. The value is case-sensitive. string none
preload:dataPack:topic Language model name, for example GEN. The value is case-sensitive. string none
preload:dataPack:objects One or more DLMs to preload, to be available as static content for all sessions in the instance. The maximum number of loaded DLMs for a single recognition turn is 5. object n/a
preload:dataPack:objects:url URL of the DLM zip file, either remotely with http[s]:// or locally with file:// string none
preload:dataPack:objects:weight The weight of the DLM compared to the data pack: lowest, low, medium, high, highest, or an integer 0-1000. Default is 0. This value is optional. int 0
preload:dataPack:objects:type A keyword representing the type of object to be preloaded. This value is optional. string none

Here's an example that preloads DLMs for three different domains in two languages, with one object defined for each language. Note that the values do not need to be surrounded by quotes or double-quotes but they are used here for legibility.

preload:
  - dataPack:
      language: 'eng-USA'
      topic:  'GEN'
    objects:  
      - url: 'http://host/path/finance-dlm.zip' 
        weight: 0
        type: application/x-nuance-domainlm	
      - url: 'http://host/path/airline-dlm.zip'
        weight: 0
        type: application/x-nuance-domainlm	
      - url: 'http://host/path/pizza-dlm.zip'
        weight: 0
        type: application/x-nuance-domainlm	
  - dataPack: 
      language: 'cmn-PRC'
      topic:  'GEN' 
    objects: 
      - url: 'http://host/path/finance-mandarin-dlm.zip' 
        weight: 0
        application/x-nuance-domainlm	 
      - url: 'http://host/path/airline-mandarin-dlm.zip'
        weight: 0
        type: application/x-nuance-domainlm	
      - url: 'http://host/path/pizza-mandarin-dlm.zip'
        weight: 0
        type: application/x-nuance-domainlm

For details about configuring the Krypton service, see Configuring Krypton.