Property

Description

Enable PKCS#11 key deletion

Used to control the deletion of user keys issued through certification service from PKCS#11 device. When enabled, delete request will also delete the key from PKCS#11 device. When disabled, delete request will only delete the key from database without effecting the key in PKCS#11 device

  • ENABLE_PKCS11_KEY_DELETION  = TRUE

Signature Padding Scheme

Define the signature padding scheme to be used by the certification service while doing certificate signing operation. The default parameter value is:

  • SIGNATURE_PADDING_SCHEME = PKCS1

Possible values are PKCS1 and PSS

Note: Click here for more details on limitations when PSS padding scheme is used.

SOAP version

Version of SOAP message when the response XML is produced.

  • SOAP_VERSION = 1.1

Possible values are 1.1 and 1.2.

Transaction logs settings

Transactions can be stored either directly or delayed for better performance. The following properties are used for logging:

  • TRANSACTION_LOG_MODE = LAZY
    Used to decide whether the transactions are kept in memory before these are stored in the database (LAZY logging) or directly stored in the database (EAGER logging). Possible values: LAZY, EAGER
    In case of LAZY logging the transaction logs are kept in memory upto the number of seconds configured in TRANSACTION_LOG_LAZY_INTERVAL or number of transactions configured in TRANSACTION_LOG_LAZY_RECORD_COUNT whichever is reached first.
  • TRANSACTION_LOG_LAZY_INTERVAL = 2
    When LAZY logging is configured, transactions are kept in memory upto the configured time or if the configured TRANSACTION_LOG_LAZY_RECORD_COUNT is reached before it.
  • TRANSACTION_LOG_LAZY_RECORD_COUNT = 50
    When LAZY logging is configured, transactions are kept in memory until the configured number of transactions is reached or if the configured TRANSACTION_LOG_LAZY_INTERVAL is met before it.


See also

OCSP Service
Certification Service
CRL Monitor
SAM Service
RAS Service
CSP Service
Unity Service