Home > ADSS SAM Service > Configuring the SAM Service

Configuring the SAM Service

These are the steps to be taken when configuring the ADSS SAM Service.

The order in which the steps are defined is not important; it is possible to go back to an earlier step and make changes later if required.

Steps Description
Step 1 Configure a Hardware Crypto Source within Key Manager for this service. This is a mandatory step if the user's keys are to be held in an HSM for Authorised Remote Signing. The ADSS SAM Appliance provides a CC EAL4+ certified EN 419241-2 Qualified Remote Signing solution and uses the Utimaco CP5 Se1500 HSM. In non-certified mode the ADSS SAM Service can be run using any HSM supported by ADSS Server or software based keys. 
Step 2 Configure one or more SAM Profiles that will be relevant for managing users, signing keys, authorised devices, authorisation requests, signing requests, getting the signed hash (i.e. PKCS#1 signature) and their current statuses. Client applications refer to the SAM Profile within their request messages sent to the ADSS SAM Service.
Step 3 Register one or more client applications within the Client Manager. These can now be authorised to make requests to one or more SAM Profiles.
Step 4
Use the ADSS SAM Service Manager to start/stop/restart the service. ADSS SAM Service is required to be restarted when a SAM Profile is added/updated/deleted.

Each of these steps is described in the sections that follow:

Step 1 - Configuring Hardware Crypto Source
Step 2 - Configuring SAM Profile
Step 3 - Registering Business Application
Step 4 - Using Service Manager