Property

Description

Signature Padding Scheme

Define the signature padding scheme to be used by the verification service while performing verification response signing operations. The default parameter value is:

  • SIGNATURE_PADDING_SCHEME = PKCS1

Possible values are PKCS1 and PSS

Note: Click here for more details on limitations when PSS padding scheme is used.

XAdES-X signature type

Used to generate the the XAdES-X Type1/Type2 signature at the time of signature enhancement.

  • XADES_X_SIGNATURE_TYPE = 1

Possible values are; 0 = Not required, 1 = SigAndRefTimeStamp, 2 = RefOnlyTimestamp 

CAdES-X signature type

Used to generate the the CAdES-X Type1/Type2 signature at the time of signature enhancement.

  • CADES_X_SIGNATURE_TYPE = 1 

Possible values are; 0 = Not required, 1 = SigAndRefTimeStamp, 2 = RefOnlyTimestamp 

Signature verification in PKCS#11

When enabled, qualified signature verification is performed inside the PKCS#11 device.

  • USE_CERTIFIED_VERIFICATION_ALGORITHMS = FALSE

Note that this feature will only work for XML signatures.

LDAP address for attribute certificates

Provide the LDAP address to add the attribute certificates in the PDF signatures during enhancement.

  • ATTRIBUTE_CERT_LDAP_ADDRESS = NONE 

SOAP version

Version of SOAP message when the response XML is produced.

  • SOAP_VERSION = 1.1  

Possible values are 1.1 and 1.2

Response signature mode

This defines how the signature is to be provided on Verification response XML.  Either the signature can be wrapped around the response data or provided separately. 

  • RESPONSE_SIGNATURE_MODE = ENVELOPED

Possible values are ENVELOPED, ENVELOPING

Cached responses from database

When enabled, cached responses from database are returned when same Transaction ID is received in the request. Default value: FALSE

  • ENABLE_RESPONSE_CACHING = FALSE 

Transaction logs settings

Transactions can be stored either directly or delayed for better performance. The following properties are used for logging:

  • TRANSACTION_LOG_MODE = LAZY
    Used to decide whether the transactions are kept in memory before these are stored in the database (LAZY logging) or directly stored in the database (EAGER logging). Possible values: LAZY, EAGER
    In case of LAZY logging the transaction logs are kept in memory upto the number of seconds configured in TRANSACTION_LOG_LAZY_INTERVAL or number of transactions configured in TRANSACTION_LOG_LAZY_RECORD_COUNT whichever is reached first
  • TRANSACTION_LOG_LAZY_INTERVAL = 2
    When LAZY logging is configured, transactions are kept in memory upto the configured time or if the configured TRANSACTION_LOG_LAZY_RECORD_COUNT is reached before it
  • TRANSACTION_LOG_LAZY_RECORD_COUNT = 50
    When LAZY logging is configured, transactions are kept in memory until the configured number of transactions is reached or if the configured TRANSACTION_LOG_LAZY_INTERVAL is met before it.


See also

Signing Service
Certification Service
OCSP Service
OCSP Repeater
TSA Settings
XKMS Service

SCVP Service
LTANS Service
Decryption Service
OCSP Monitor
GoSign Service
RA Service
CRL Monitor
RAS Service
SAM Service
CSP Service
NPKD Service
SPOC Service