Signing Service
Once a client is registered, following configurations for the Signing Service can be made within Client Manager for this business client:
- Allow the client to access the ADSS Signing Service
- Assign the Signing Profiles which can be accessed by this client
- Configure a default Signing Profile for this client
- Configure the document signing keys which can be accessed by this client
Once a client is registered, permissions to access the Signing Service can be granted by editing this client. On the edit screen, clicking on the Signing Service link at the top of the page shows the following screen:
Select the Allow this client to access the ADSS Signing Service checkbox. If the application also needs to access other ADSS services (e.g. verifying signed documents or generating and certifying user signing keys) then the relevant links (Verification Service, Certification Service etc.) should be followed to allow permissions for these services.
The next action is to define which signing profiles (configured within the ADSS Signing Service) are to be made available to this client. Signing profiles are server configurations that define the type of signature to be created by ADSS Server. By default all the existing signing profiles will be made available to each newly registered client. Different clients may need to have access to different signing profiles. In order to allow access to a particular signing profile, simply move that profile from the left-hand group box labelled Available Signing Profiles to the right-hand group box labelled Selected Signing Profiles using the >> button shown in the screenshot above. Clients can only reference those signing profiles that are shown in the Selected Signing Profiles. To remove access to a particular profile use the opposite << button to move the relevant profile back to the right-hand box.
The Profile Usage Map button provides an overview of which profiles are being used by which clients.
The Default Signing Profile defines which profile to use in case the request message from this client does not reference any specific signing profile.
The lower half of the screen, allows you to define which signing keys the client can access. By default the client application will be able to access any document signing key held within the ADSS Key Manager. The ADSS Key Manager is a central repository of all operator generated/imported keys. Only those keys will be shown which are for the purposes of document signing. Again simply move any keys that are not to be allowed for this client to the left-hand box. The Certificate Usage Map button provides an overview of which keys/certificates are being used by which clients.
Click the Save button when the list is updated to store the changes.
​Whenever configurations are updated on this page remember to restart the Signing Service and have the changes take effect. |
See also
Verification Service
Certification Service
XKMS Service
LTANS Service
Decryption Service
Go-Sign Service
RA Service
RAS Service
SAM Service
CSP Service