These are the steps to be taken when configuring the ADSS SAM Service.

The order in which the steps are defined is not important; it is possible to go back to an earlier step and make changes later if required.

Steps

Description

Step 1:

Configure a Hardware Crypto Source within Key Manager for this service. This is a mandatory step if the user's keys are to be held in an HSM for Authorised Remote Signing. The ADSS SAM Appliance provides a CC EAL4+ certified EN 419241-2 Qualified Remote Signing solution and uses the Utimaco CP5 Se1500 HSM. In non-certified mode the ADSS SAM Service can be run using any HSM supported by ADSS Server or software based keys. 

Step 2:

Configure one or more SAM Profiles that will be relevant for managing users, signing keys, authorised devices, authorisation requests, signing requests, getting the signed hash (i.e. PKCS#1 signature) and their current statuses. Client applications refer to the SAM Profile within their request messages sent to the ADSS SAM Service.

Step 3:

Register one or more client applications within the Client Manager. These can now be authorised to make requests to one or more SAM Profiles.

Step 4:

Use the ADSS SAM Service Manager to start/stop/restart the service. ADSS SAM Service is required to be restarted when a SAM Profile is added/updated/deleted.


Each of these steps is described in the sections that follow:


See also

Configuring the SAM Service

Registered Users
Transactions Log Viewer
Logs Archiving
Alerts
SAM Service Interface URLs