Property

Description

Signature Padding Scheme

Define the signature padding scheme to be used by the signing service while performing signing operations. The default parameter value is:

  • SIGNATURE_PADDING_SCHEME = PKCS1

Possible values are PKCS1 and PSS

Note: Click here for more details on limitations when PSS padding scheme is used.

V3 CMS signatures

Used to generate the CMS V3 signatures.

  • CREATE_CMS_V3_SIGNATURE = FALSE

Note: Only supported while doing server side hashing.

UBL signatures

Used to generate the UBL 2.1 compliant XML enveloped signatures only.

  • UBL_COMPLIANT_SIGNATURES = FALSE

Click Here for more details on UBL signature.

Response URI

Response URI of the Signing Service where RAS Service will send the OAuth authorization code when OAuth is used as credentials authorization method in RAS Service or authorization is delegated to an IdP by the RAS Service.

  • RESPONSE_URI = https://localhost:8777/adss/signing/hdsi

User Activation Threshold

It defines the time period in minutes for which the signer status remains INACTIVE upon authentication failure limit elapsed. Once this period is elapsed, the signer status is automatically reverted to ACTIVE. This property is used in conjunction with property "USER_AUTHENTICATION_FAILURE_LIMIT". 

  • USER_ACTIVATION_THRESHOLD = 60

Default value: 60 minutes.

User Authentication Failure Limit

It defines the number of failed authentications after which the signer status is automatically marked as INACTIVE. The inactivity duration is defined using the property "USER_ACTIVATION_THRESHOLD". 

  • USER_AUTHENTICATION_FAILURE_LIMIT = 0

Default value: 0 (i.e. unlimited failed authentications allowed)

Signature Cache Expiry Threshold

It defines the time period in minutes to keep meta info in cache that is stored by Signing Service against every request in case of remote authorisation signing. On time elapse, cache entry will be removed by an automated process. The cache expiry threshold is defined using the following property:

  • SIGNATURE_CACHE_EXPIRY_THRESHOLD = 5

Default value: 5 minutes.

Signature Cache Clear Interval

It defines the time interval after which the automated process will remove the meta info from the cache. This cache is used by Signing Service in case of remote authorisation signing. The cache clearance interval is defined using the following property:

  • SIGNATURE_CACHE_CLEAR_INTERVAL = 5

Default value: 5 minutes.

Signature Token Cache Clear Interval

It defines the time period after which the expired access tokens will be removed from the database. The cache clearance for expired access tokens is defined using the following property:

  • SIGNATURE_TOKEN_CACHE_CLEAR_INTERVAL = 600

Default value: 600 seconds

Signature Token Batch Size

It defines the number of transactions in a batch for removing the expired access tokens from the database. It is defined using the following property:

  • SIGNATURE_TOKEN_BATCH_SIZE = 100

Default value: 100

SOAP version

Version of SOAP message when the response XML is produced.

  • SOAP_VERSION = 1.1

Possible values are 1.1 and 1.2

Transaction logs settings

Transactions can be stored either directly or delayed for better performance. The following properties are used for logging:

  • TRANSACTION_LOG_MODE = LAZY
    Used to decide whether the transactions are kept in memory before these are stored in the database (LAZY logging) or directly stored in the database (EAGER logging). Possible values: LAZY, EAGER
    In case of LAZY logging the transaction logs are kept in memory upto the number of seconds configured in TRANSACTION_LOG_LAZY_INTERVAL or number of transactions configured in TRANSACTION_LOG_LAZY_RECORD_COUNT whichever is reached first.
  • TRANSACTION_LOG_LAZY_INTERVAL = 2
    When LAZY logging is configured, transactions are kept in memory upto the configured time or if the configured TRANSACTION_LOG_LAZY_RECORD_COUNT is reached before it.
  • TRANSACTION_LOG_LAZY_RECORD_COUNT = 50
    When LAZY logging is configured, transactions are kept in memory until the configured number of transactions is reached or if the configured TRANSACTION_LOG_LAZY_INTERVAL is met before it.


See also

Verification Service
Certification Service
OCSP Service
OCSP Repeater
TSA Settings
XKMS Service

SCVP Service
LTANS Service
Decryption Service
OCSP Monitor
GoSign Service
RA Service
CRL Monitor
RAS Service
SAM Service
CSP Service
NPKD Service
SPOC Service