ADSS Admin Guide

Items

Description

Server Names

The address of the RA Service being controlled from this Service Manager. Ensure the address points to the correct service URL, i.e. if you are running the service on multiple machines in a load-balanced configuration then check that the name is correct for the particular instance that needs to be started/stopped/restarted. By default it will be that of the local machine.

Start

Start the service. Status will change to “Running” after a successful start.

Stop

Stop the service. Status will change to “Stopped” after the service is stopped.

Restart

Stop and then start the service in one go, Status will change to “Running” after a successful restart.

RA SCEP Certificate

Certificates with the purpose of "RA Certificate" in Key Manager are listed in this drop down. This certificate is returned to the device when device sends GetCACert request. It is used to encrypt the PKCS#10/CSR request generated by the device to be sent to the ADSS RA Service.

Ensure web service based client requests are signed

By enabling this option, ADSS RA Service will only accept the signed requests from the web service. Unsigned requests will not be accepted.

Note: SCEP requests are always signed so this check has no effect on its processing and authentication. 

Sign all requests to CA Server

This option is used to enable each certification request to be signed by the ADSS RA Service when sent to the ADSS CA Server.

Note: Only those certificates will be shown by enabling this option in the respective drop down that are issued with purpose "RA Certificate" from Key Manager.

Use Request Signing Certificate

This option is used to enable Request signing before forwarding request to ADSS CA Server. Select the request signing certificate which pre-exists in the Key Manager.

Ensure all the changes are saved by clicking the Save button and restart the service to take changes effect.