The following steps enable you to create a new ADSS Server user. This assumes the user already has a client TLS certificate that will be used to authenticate them to ADSS Server and provide a secure TLS/TLS protected session:


  • Ensure the Issuer CA for the user's client TLS certificate has been defined within Trust Manager and that the option "CA for verifying TLS client certificates" has been selected (this tells Tomcat to trust this CA for user access). If this CA has just been added to Trust Manager for the first time then ADSS Server must be fully restarted by restarting the Windows services (or the UNIX daemons) to ensure the running Tomcat instance has this change otherwise the TLS certificate will not be accepted. Restarting all services and all configurations in ADSS Service Manager is not sufficient.
  • Create a new user using the Users option of the User Manager section. 
  • In the certificate field, click browse to locate the digital certificate that will be used to identify this user's TLS connection to the console.
  • If you are going to try to logon locally, logout from ADSS Server and close all IE browser instances.
  • Launch the IE browser once again and select the new user's certificate for TLS client authentication.
  • Note that in order to use FireFox the user certificate must be configured in its local store.
  • The new user can now log into the ADSS Server console and use the privileges defined within their assigned role.
  • Global Settings > Miscellaneous options defines whether user and other certificates are to have their status checked.

See also

Starting & Stopping ADSS Server

Accessing the ADSS Server Console
Adding a User to ADSS Server
Managing Backups
Managing Disk Space
Upgrading ADSS Server
Checking PKCS11 HSM Functionality
Trace Logs Export Utility