These settings can be found under Global Settings > Advanced Settings for module Console:


Property

Description

Allowed Host Addresses

It is a comma separated host address, which serves as a whitelist, determining which host addresses are allowed to access to access the application in order to address the Host Header Vulnerability. Default values: localhost/127.0.0.1.

  • ALLOWED_HOST_ADDRESSES = localhost, 192.168.20.121

Home screen alerts

ADSS Server Console shows various system alerts on the home page.

  • SHOW_HOME_SCREEN_ALERTS = TRUE


By setting the value to FALSE to disable the alerts on home page. Configuring this setting to False will reduce the log in time.

Signature Padding Scheme

Define the signature padding scheme to be used while console instance is performing signing operations. The default parameter value is:

  • SIGNATURE_PADDING_SCHEME = PKCS1


Possible values are PKCS1 and PSS

Note: Click here for more details on limitations when PSS padding scheme is used.

License validity threshold

Number of days to show the alert on ADSS Server Console before expiration of the ADSS Server license.

  • ALERT_LICENSE_VALIDITY_THRESHOLD = 30

Certificate validity threshold

Number of days to show the alert before expiry of certificates configured in Key Manager, Trust Manager, Manage CAs, Access Control and Client Manager modules.

  • ALERT_CERTIFICATE_VALIDITY_THRESHOLD = 30 

Login if revocation source is not available

If the property is configured as TRUE, and revocation checking for user TLS client certificate is required, then, proceed with login even if revocation source is not available. Default value: FALSE.

  • LOGIN_IF_REVOCATION_SOURCE_NOT_AVAILABLE = FALSE


Note: For this property to execute, make sure that 'ADSS Server user TLS client certificates' check is enabled under Revocation Settings section in Global Settings → Miscellaneous.

Invalidate console on logout

TLS session with the ADSS Server Console will be invalidated upon logout if enabled and one have to relaunch the browser to re-login the console.

  • INVALIDATE_SSL_ON_LOGOUT = FALSE

Key deletion from PKCS#11

Used to control the deletion of Key Manager keys from PKCS#11 device. When enabled, delete action will also delete the key from PKCS#11 device. When disabled, delete action will only delete the key from database without effecting the key in PKCS#11 device.

  • ENABLE_PKCS11_KEY_DELETION = TRUE

Time period for Management Reporting

Number of days to display the report by default.

  • MANAGEMENT_REPORTING_DEFAULT_TIME_PERIOD = 30 

Console resolution

ADSS Server Console resolution can be adjusted depending on the size of the monitor's screen. The default resolution is set to STANDARD, in which the GUI is displayed at the centre of the screen at 1024 x 768 and it remains consistent on all resolutions. The possible values are:STANDARD, FIT_SCREEN.

  • DISPLAY_RESOLUTION = STANDARD


Note: Setting the value to FIT SCREEN, will stretch the GUI based on the screen's resolution.

Database connections settings

In ADSS Server Console settings, database connection can be re-configured so that the connections can be reused when future requests to the database are required. The default parameter values are:

  • CONNECTION_POOL_QUERY_TIMEOUT = 180
    Number of seconds a query will wait for the database to return the results before terminating the connection.
  • ENABLE_DB_CONNECTION_COUNTER = FALSE
    Used to display the database connections details of logs. To enable logging, uncomment the "File Appenders for Temporary c3p0" appender in console/log.properties file as well.
  • hibernate.c3p0.minPoolSize = 20
    Minimum number of connections a pool will maintain at any given time for ADSS Server Core instance.
  • hibernate.c3p0.maxPoolSize = 50
    Maximum number of Connections a pool will maintain at any given time for ADSS Server Core instance.
  • hibernate.c3p0.maxIdleTime = 900
    Seconds a connection can remain pooled but unused before being discarded. Zero means idle connections never expire.
  • hibernate.c3p0.acquireIncrement = 10
    Determines how many connections at a time c3p0 will try to acquire when the pool is exhausted
  • hibernate.c3p0.checkoutTimeout = 600000
    The number of milliseconds a client calling getConnection() will wait for a connection to be checked-in or acquired when the pool is exhausted. Zero means wait indefinitely. Setting any positive value will cause the getConnection() call to time-out and break with an SQLException after the specified number of milliseconds.


For more details, follow the link: http://www.mchange.com/projects/c3p0/

Maximum records in a grid

This property is used to set the maximum number of records in a grid.

  • PAGE_RECORD_SIZE_MAX = 100

 

See also

General
Core Instance
Console Instance
Service Instance