Project: pro-desktop · Branch: master · Mode: · Model: claude-haiku-4-5-20251001 Stats: 1 user messages, 27 tool calls, tools used: Grep, Glob, Read. Conversation Turn 1 — User Find where TI (Telematik Infrastructure) environment configuration is handled in the codebase. Look for: - TI environment setup/configuration code - Client certificate handling for TI - German healthcare (DE) specific TI modules or services - Configuration files or services related to TI Focus on understanding where the TI environment is configured and where we would hook in to detect when it's set up. Turn 1 — Assistant I'll help you find TI (Telematik Infrastructure) environment configuration in the codebase. Let me search for relevant files and code patterns. Tools used: - Grep: TI|Telematik|telematik Tools used: - Grep: TI|Telematik|telematik Tools used: - Grep: certificate|cert.DE|healthcare.DE Tools used: - Glob: /ti Tools used: - Glob: /german Tools used: - Glob: /healthcare Tool results: → result (ok): Found 2 files src/modules/gematik-kim/services/client/yapople/yapople.js .github/scripts/push_translations.js Tool results: → result (ok): Output too large (21.9KB). Full output saved to: /Users/USER/.claude/projects/-Users-clertonra-workspace-doctolib-doctolib-pro-desktop/24b66373-b0ad-4ac5-b8b9-0a23767b50c4/tool-results/toolu_01D9beEzUXWNZWHGvdhc2r8Y.txt Preview (first 2KB): Found 390 files tools/skope/src/routing/searchParams.ts tools/skope/src/features/skills/frontend/components/__tests__/SkillsView.test.tsx tools/skope/src/features/review/issues/components/IssueHeader.tsx tools/skope/src/features/releases/f …(truncated, 1748 more chars) Tool results: → result (ok): Found 103 files src/modules/kbv-ti-connect/services/soap-client-helpers.ts src/modules/kbv-ti-connect/services/types.ts src/modules/kbv-ti-connect/services/service-directory-service/__tests__/service-directory-service.test.ts src/modules/kbv-ti-connect/services/mock/mock-certificate.ts src/modules/kbv-ti-connect/services/service-directory-service/__tests__/connectorConfigurationValidator.test.ts src/modules/kbv-ti-connect/services/__tests__/soap-client-helpers.test.ts src/modules/kbv-ti-connect/ …(truncated, 6384 more chars) Tool results: → result (ok): No files found Tool results: → result (ok): No files found Tool results: → result (ok): /Users/USER/workspace/doctolib/doctolib-pro-desktop/.git/description /Users/USER/workspace/doctolib/doctolib-pro-desktop/.github/actions/ddv_test_installer/action.yml /Users/USER/workspace/doctolib/doctolib-pro-desktop/.github/actions/ddv_test_release/action.yml /Users/USER/workspace/doctolib/doctolib-pro-desktop/.github/scripts/push_translations.js /Users/USER/workspace/doctolib/doctolib-pro-desktop/.husky/.gitignore /Users/USER/workspace/doctolib/doctolib-pro-desktop/.prettierrc /Users/USER/wo …(truncated, 11639 more chars) Great! I found a significant module dedicated to TI environment. Let me dig deeper into the TI-related modules: Tools used: - Glob: /gematik-ti-environment/ Tools used: - Glob: /gematik-ti-settings/ Tools used: - Glob: /kbv-ti-connect/ Tool results: → result (ok): /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/README.md /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/types/tiEnvStorage.ts /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/constants/module.ts /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/constants/certificates.ts /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti …(truncated, 4725 more chars) Tool results: → result (ok): /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-settings/README.md /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-settings/renderer/components/__tests__/TISettings.test.tsx /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-settings/index.ts /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-settings/renderer/components/TISettings.tsx Tool results: → result (ok): /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/kbv-ti-connect/README.md /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/kbv-ti-connect/services/connector-wsdls/conn/CardEvents.xsd /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/kbv-ti-connect/services/connector-wsdls/conn/CardService.xsd /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/kbv-ti-connect/services/connector-wsdls/conn/CardServiceCommon.xsd /Users/USER/workspace/doctolib/ …(truncated, 11695 more chars) Now let me read the key TI environment files to understand the configuration: Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/README.md Tool results: → result (ok): 1→# Gematik Specialist Service 2→ 3→Manages TI Environment (RU/PU/TITUS). 4→ 5→## Team Owner 6→ 7→FIRE 8→ 9→## Tests 10→ 11→Run unit tests 12→ 13→ 14→npm run test:unit -- --project gematik-ti-environment 15→ 16→ 17→Run unit tests + retrieve coverage 18→ 19→ 20→npm run test:coverage -- --project gematik-ti-environment 21→ 22→ Whenever you read a file, you shou …(truncated, 285 more chars) Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/index.ts Tool results: → result (ok): 1→export { TI_ENV_SCHEMA_LABEL } from '@module/gematik-ti-environment/types/tiEnvStorage' 2→export type { TiEnvSchema, eRezeptSchema, vauSchema } from '@module/gematik-ti-environment/types/tiEnvStorage' 3→export { TiEnvRepository } from '@module/gematik-ti-environment/services/tiEnvRepository' 4→export { TiEnvEvent } from '@module/gematik-ti-environment/constants/events' 5→export { TiEnvProvider } from '@module/gematik-ti-environment/services/tiEnvProvider' 6→export { Ti …(truncated, 443 more chars) Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/main/module.ts Tool results: → result (ok): 1→import { isEmpty } from 'lodash' 2→ 3→import { getDefaultTiEnv } from 'src/constants' 4→ 5→import { isDev } from 'src/constants/env' 6→ 7→import { createLogger } from '@core/logger' 8→import { DdvModule } from '@core/modules-management/main' 9→ 10→import { TiEnvRepository } from '@module/gematik-ti-environment/services/tiEnvRepository' 11→import { registerTiEnvEvents, removeTiEnvEvents } from '@module/gematik-ti-environment/main/tiEnv' 12→imp …(truncated, 1785 more chars) Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/main/tiEnv.ts Tool results: → result (ok): 1→import { isRelease } from 'src/constants' 2→ 3→import { ipcManager } from '@core/ipc-manager' 4→import { sendPreferences } from '@core/app/main/helpers/preferences-helper' 5→import { getTabsManager } from '@core/tabs/main/getTabsManager' 6→ 7→import { TiEnvDataSchema, TiEnvValueSet } from '@module/gematik-ti-environment/types/tiEnvStorage' 8→import { 9→ decryptTiEnvValues, 10→ setTiEnvValues, 11→ getTiEnvironment, 12→ getTiEnvLocalArtifac …(truncated, 5453 more chars) Let me read more key files to understand the complete picture: Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/types/tiEnvStorage.ts Tool results: → result (ok): 1→/ eslint-disable @typescript-eslint/consistent-type-definitions / 2→ 3→/ 4→ TI Env safe storage schema 5→ Name: 'tienv' 6→ / 7→export enum TiEnvValueSet { 8→ RU = 'RU', 9→ PU = 'PU', 10→ TITUS = 'TITUS', 11→} 12→ 13→export type eRezeptSchema = { 14→ hostUrl: string 15→ userAgent: string 16→} 17→ 18→export type SandboxSchema = { 19→ serviceUrl: string 20→ userAgent: string 21→} 22→ …(truncated, 1804 more chars) Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/constants/events.ts Tool results: → result (ok): 1→/ 2→ List of events happen during TiEnv IPC Events 3→ / 4→export enum TiEnvEvent { 5→ TiEnvChange = 'dl_ti_env_change', 6→ TiEnvDecrypt = 'dl_ti_env_decrypt', 7→ TiEnvConfigure = 'dl_ti_env_configure', 8→ TiEnvDisplay = 'dl_ti_env_display', 9→ TiEnvLocalArtifactsFile = 'dl_ti_env_local_artifacts_file', 10→ TiEnvUseLocalArtifacts = 'dl_ti_env_use_local_artifacts', 11→} 12→ Whenever you read a file, you should cons …(truncated, 278 more chars) Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/services/tiEnvProvider.ts Tool results: → result (ok): 1→import { 2→ EREZEPT_HOST_URL, 3→ EREZEPT_USER_AGENT, 4→ VAU_USER_AGENT_TITUS, 5→ VAU_HOST_URL_TITUS, 6→ DISCOVERY_DOCUMENT_URL, 7→ TI_DOCTOLIB_CLIENT_ID, 8→ TI_DOCTOLIB_REDIRECT_URI, 9→ USER_AGENT, 10→ TSS_REFERRAL_SERVICE_HOST_URL, 11→ TSS_BILLING_SERVICE_HOST_URL, 12→} from '@module/gematik-ti-environment/constants/tmpData' 13→import { 14→ eRezeptSchema, 15→ SandboxSchema, 16→ vauSchema, 17→ TiEnvDataSchema …(truncated, 3044 more chars) Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/services/configurationAutomator.ts Tool results: → result (ok): 1→import { isRelease } from 'src/constants' 2→ 3→import { getTiEnvLocalArtifacts } from '@module/gematik-ti-environment/services/tiEnv' 4→import S3Configurator from '@module/gematik-ti-environment/services/configurators/s3Configurator' 5→import LocalConfigurator from '@module/gematik-ti-environment/services/configurators/localConfigurator' 6→import { TiEnvValueSet } from '@module/gematik-ti-environment//types/tiEnvStorage' 7→ 8→export class ConfigurationAutomat …(truncated, 703 more chars) Let me read the configurators and certificate provider files: Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/services/tiEnvCertificateProvider.ts Tool results: → result (ok): 1→import { CA_CERTIFICATE, IDP_REF_ROOT_CA } from '../constants/certificates' 2→import { TiEnvCertificateSchema, TiEnvDataSchema, TiEnvValueSet } from '../types/tiEnvStorage' 3→import { getTiEnvironment, getTiEnvValues } from './tiEnv' 4→ 5→type Environment = (typeof TiEnvValueSet)[keyof typeof TiEnvValueSet] 6→ 7→interface CertificateConfig { 8→ getCaCert: (stored: string | undefined) => string 9→ getIdpRoot: (stored: string | undefined) => string 1 …(truncated, 2620 more chars) Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/services/configurators/s3Configurator.ts Tool results: → result (ok): 1→import { TiEnvDataSchema, TiEnvValueSet } from '@module/gematik-ti-environment/types/tiEnvStorage' 2→import S3Reader from '@module/gematik-ti-environment/services/s3Reader' 3→ 4→import BaseConfigurator from './baseConfigurator' 5→ 6→class S3Configurator extends BaseConfigurator { 7→ name = 'S3Configurator' 8→ 9→ async getConfigurationData(env: TiEnvValueSet): Promise { 10→ return await S3Reader.getConfigurationData(env) 11→ …(truncated, 409 more chars) Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/services/tiEnv.ts Tool results: → result (ok): 1→/ eslint-disable @typescript-eslint/explicit-function-return-type / 2→import { 3→ TiEnvValueSet, 4→ TiEnvDataSchema, 5→ TiEnvLocalArtifactConfig, 6→} from '@module/gematik-ti-environment/types/tiEnvStorage' 7→import { TiEnvRepository } from '@module/gematik-ti-environment/services/tiEnvRepository' 8→import TiSafeStorage from '@module/gematik-ti-environment/services/tiSafeStorage' 9→ 10→type Encryptable = string | EncryptableObject 11→ 12 …(truncated, 2456 more chars) Let me check the repository file and base configurator: Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/services/tiEnvRepository.ts Tool results: → result (ok): 1→import { getDefaultTiEnv } from 'src/constants' 2→ 3→import { 4→ TiEnvDataSchema, 5→ TiEnvValueSet, 6→ TI_ENV_DATA_KEY, 7→ TI_ENV_VALUE_KEY, 8→ TiEnvSchema, 9→ TI_ENV_LOCAL_ARTIFACT_KEY, 10→ TiEnvLocalArtifactConfig, 11→} from '@module/gematik-ti-environment/types/tiEnvStorage' 12→import { getTiEnvStore } from '@module/gematik-ti-environment/services/tiEnvStorage' 13→ 14→const DEFAULT_TI_ENV_ARTIFACT = { filePath: '', enabled: …(truncated, 2332 more chars) Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/services/configurators/baseConfigurator.ts Tool results: → result (ok): 1→import { TiEnvValueSet, TiEnvDataSchema } from '@module/gematik-ti-environment/types/tiEnvStorage' 2→import { setTiEnvironment, setTiEnvValues } from '@module/gematik-ti-environment/services/tiEnv' 3→ 4→abstract class BaseConfigurator { 5→ abstract name: string 6→ 7→ abstract getConfigurationData(env: TiEnvValueSet): Promise 8→ 9→ async configure(env: TiEnvValueSet): Promise { 10→ const configurationData = await this.getC …(truncated, 521 more chars) Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/constants/certificates.ts Tool results: → result (ok): 1→export const IDP_REF_ROOT_CA: string = 2→-----BEGIN CERTIFICATE----- 3→MIICHjCCAaSgAwIBAgIRYFlJ4CYuu1X5CneKcflK2GwwCgYIKoZIzj0EAwMwUDEk 4→MCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBDQSAtIFI1MRMwEQYDVQQKEwpH 5→bG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWduMB4XDTEyMTExMzAwMDAwMFoX 6→DTM4MDExOTAzMTQwN1owUDEkMCIGA1UECxMbR2xvYmFsU2lnbiBFQ0MgUm9vdCBD 7→QSAtIFI1MRMwEQYDVQQKEwpHbG9iYWxTaWduMRMwEQYDVQQDEwpHbG9iYWxTaWdu 8→MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAER0UOlvt9Xb/pOdEh+J8LttV …(truncated, 31128 more chars) Now let me check the TI environment component and some additional configurator code: Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/renderer/components/preferences/sections/TiEnvironment.tsx Tool results: → result (ok): 1→import { useEffect, useState } from 'react' 2→import { useTranslation } from 'react-i18next' 3→import { Heading } from '@doctolib/design-system-b2b/Heading' 4→import { Button } from '@doctolib/design-system-b2b/Button' 5→import { Card } from '@doctolib/design-system-b2b/Card' 6→import { Divider } from '@doctolib/design-system-b2b/Divider' 7→import { Alert } from '@doctolib/design-system-b2b/Alert' 8→import { Select } from '@doctolib/design-system-b2b/Select' …(truncated, 5712 more chars) Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/services/tiEnvStorage.ts Tool results: → result (ok): 1→import { moduleStore, Store } from '@core/store' 2→ 3→import { TiEnvSchema, TI_ENV_SCHEMA_LABEL } from '@module/gematik-ti-environment/types/tiEnvStorage' 4→ 5→const store = moduleStore(TI_ENV_SCHEMA_LABEL) as Store 6→ 7→/ 8→ Migrate from legacyStore to dedicated TI Env store. 9→ All keys remains the same 10→ / 11→const storeVersion0 = 0 12→ 13→const latestVersion = storeVersion0 14→ 15→/ 16→ * Migrate fr …(truncated, 792 more chars) Perfect! Let me also check for any KBV TI Connect related code: Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/kbv-ti-connect/README.md Tool results: → result (ok): 1→TI is the primary technical infrastructure for eServices for the german health care system, connecting Health Professionals and offering: 2→ 3→- identification, authentication, signing, encryption - for health professionals, for their institutions, for the patients, and for health care organizations, 4→- secure connections to other secure networks like the SNK which includes KV-Connect (see Figure 2) 5→ 6→The TI-Plattform includes services like VSDM, which produces the …(truncated, 942 more chars) Tools used: - Read: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/kbv-ti-connect/main/module.ts Tool results: → result (ok): 1→import { v4 } from 'uuid' 2→ 3→import { DdvModule } from '@core/modules-management/main' 4→ 5→import { extraLogParser } from 'src/utils/extraLogParser' 6→ 7→import TiConnectionChecker from '../services/connection-checker' 8→import { isTiConfigured } from '../services/ti-connect-settings' 9→import { registerTiConnectEvents, removeTiConnectEvents } from './ti-connect' 10→import { TiConnectRepository } from '../services/ti-connect-repository' 11→imp …(truncated, 2123 more chars) Perfect! Now I have a comprehensive understanding of the TI environment configuration. Let me compile my findings: TI (Telematik Infrastructure) Environment Configuration in the Codebase Based on my thorough search, here's where TI environment configuration is handled: Primary Modules 1. gematik-ti-environment Module - Location: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/gematik-ti-environment/ - Purpose: Manages TI Environment configuration for RU (Production), PU (Test), and TITUS (Integration) environments - Team Owner: FIRE Key Components Configuration Storage & Repository - TiEnvRepository (tiEnvRepository.ts) - Wrapper around the store for retrieving and persisting TI environment data - Stores and retrieves tiEnvValue (RU/PU/TITUS) - Stores and retrieves tiEnvData (complete environment configuration) - Stores and retrieves tiEnvLocalArtifact (local configuration file settings) - TiEnvStorage (tiEnvStorage.ts) - Manages persistent storage with schema versioning - Uses moduleStore with label 'tienv' - Handles migration between store versions Configuration Data Structure (tiEnvStorage.ts) TiEnvValueSet: - RU (Production) - PU (Test) - TITUS (Integration) TiEnvDataSchema includes: - sandbox: SandboxSchema (serviceUrl, userAgent) - erezept: eRezeptSchema (hostUrl, userAgent) - vau: vauSchema (hostUrl, userAgent) - VAU is key TI service - idp: IdpSchema (discoveryDocumentUrl, tiDoctolibClientId, redirect URI) - kbv_idp: IdpSchema (KBV-specific IDP) - kbv_specialist_service: (tssReferralServiceHostUrl, tssBillingServiceHostUrl) - certificates: TiEnvCertificateSchema (idpRoot, caCert) Certificate Handling (tiEnvCertificateProvider.ts) - TiEnvCertificateProvider class manages client certificates for TI - Provides separate certificate configurations per environment (RU/PU/TITUS) - Default certificates stored in constants/certificates.ts include: - IDP_REF_ROOT_CA - Root CA certificate for IDP - CA_CERTIFICATE - Multiple Gematik root and component CAs (German healthcare infrastructure) - Supports fallback mechanisms per environment Configuration Automation (configurationAutomator.ts) - ConfigurationAutomator class handles automatic TI environment setup - Selects appropriate configurator based on: - Development vs Release mode - Local artifacts enabled/disabled - Calls either LocalConfigurator or S3Configurator Configurators (Strategy Pattern) - BaseConfigurator (baseConfigurator.ts) - Abstract base class - Method: configure(env: TiEnvValueSet) - Sets environment and values - Delegates data retrieval to subclasses - S3Configurator (s3Configurator.ts) - Fetches configuration from S3 in production/staging - Used in release builds - LocalConfigurator (localConfigurator.ts) - Reads local tar.gz files for configuration - Artifacts location: /src/modules/gematik-ti-environment/artifacts/ - Supports: config_pu.tar.gz, config_ru.tar.gz, config_titus.tar.gz - TmpConfigurator (tmpConfigurator.ts) - Fallback configurator - Uses hardcoded defaults when other sources fail IPC Events (constants/events.ts) - TiEnvChange - When environment settings change - TiEnvDecrypt - To decrypt sensitive environment data - TiEnvConfigure - To configure the selected environment - TiEnvDisplay - To log current configuration (debug) - TiEnvLocalArtifactsFile - To set local artifact file path - TiEnvUseLocalArtifacts - Toggle local artifacts usage Module Initialization (main/module.ts) export default class TiEnvModule extends DdvModule { initialize(): void { // 1. Load stored TI env data from repository // 2. Initialize repository with defaults if needed // 3. In dev: fetch config only if no existing data // 4. In prod/staging: always fetch updated configuration // 5. ConfigurationAutomator.exec(envValue) } } UI Component (renderer/components/preferences/sections/TiEnvironment.tsx) - Settings panel for users to: - Select TI environment (RU/PU/TITUS) - Configure the environment (triggers TiEnvConfigure event) - Enable/disable local artifacts (dev/debug mode only) - Select local artifact file - Log current configuration (debug mode) Security & Encryption - TiSafeStorage - Handles encryption/decryption of sensitive TI values - Environment data is encrypted at rest using encryptTiEnvValues() and decryptTiEnvValues() Related Module: kbv-ti-connect Location: /Users/USER/workspace/doctolib/doctolib-pro-desktop/src/modules/kbv-ti-connect/ - Uses TI environment configuration for connecting to German healthcare TI services - Detection Hook: isTiConfigured(settings) in ti-connect-settings.ts - Called during KbvTiConnectModule initialization - Checks if TI is properly configured before attempting connection Hook Points for TI Detection To detect when TI environment is set up, you would hook into: 1. Module Initialization: - gematik-ti-environment/main/module.ts - Initialization completes - kbv-ti-connect/main/module.ts - Checks isTiConfigured() 2. Events: - Listen to TiEnvEvent.TiEnvConfigure IPC event 3. Repository Check: - TiEnvRepository.tiEnvValue - Check if set to RU/PU/TITUS - TiEnvRepository.tiEnvData - Check if configuration data exists 4. Service Provider: - TiEnvProvider class provides environment-specific configurations for services - Call getEnv(serviceName) to retrieve service-specific configuration File Locations - Main module: /src/modules/gematik-ti-environment/ - KBV TI Connect: /src/modules/kbv-ti-connect/ - Artifact configs: /src/modules/gematik-ti-environment/artifacts/ - Certificates: /src/modules/gematik-ti-environment/constants/certificates.ts - Storage: Uses Electron Store via getTiEnvStore() with schema label 'tienv'` This architecture provides a clean separation of concerns with environment-specific configurators, certificate management, and encrypted storage of German healthcare infrastructure credentials.