The Service Manager allows suitably authorised operators to start/stop the ADSS RA Service and make changes to the overall service configuration. If the service is stopped then requests are no longer accepted (including SCEP, PKCS#10/CSR, PFX requests), however the ADSS RA Service continues to process existing requests and allow administrative commands from the RA service GUI interface.

The following screen is shown when the "Service Manager" button is clicked:

The configuration items are as follows:

Items

Description

Server Names

The address of the RA Service being controlled from this Service Manager. Ensure the address points to the correct service URL, i.e. if you are running the service on multiple machines in a load-balanced configuration then check that the name is correct for the particular instance that needs to be started/stopped/restarted. By default it will be that of the local machine.

Start

Start the service. Status will change to “Running” after a successful start.

Stop

Stop the service. Status will change to “Stopped” after the service is stopped.

Restart

Stop and then start the service in one go, Status will change to “Running” after a successful restart.

RA SCEP Certificate

Certificates with the purpose of "RA Certificate" in Key Manager are listed in this drop down. This certificate is returned to the device when device sends GetCACert request. It is used to encrypt the PKCS#10/CSR request generated by the device to be sent to the ADSS RA Service.

Ensure web service based client requests are signed

By enabling this option, ADSS RA Service will only accept the signed requests from the web service. Unsigned requests will not be accepted.

Note: SCEP requests are always signed so this check has no effect on its processing and authentication

Sign all requests to CA Server

This option is used to enable each certification request to be signed by the ADSS RA Service when sent to the ADSS CA Server.

Note: Only those certificates will be shown by enabling this option in the respective drop down that are issued with purpose "RA Certificate" from Key Manager.

Use Request Signing Certificate

This option is used to enable Request signing before forwarding request to ADSS CA Server. Select the request signing certificate which pre-exists in the Key Manager.


Ensure all the changes are saved by clicking the Save button and restart the service to take changes effect.


See also

Step 1 - Profile Categories

Step 2 - RA Profiles
Step 3 - Registering Business Application
Step 4 - Using the Service Manager