General Settings
General Settings for ADSS Web RA application allows an administrator/service provider to configure application name, company name, application URLs and other basic settings to configure the application. You can go through the upcoming sections to learn about the details of each feature. To manage the general settings, perform the following steps:
- Click Configurations from the left menu.
- Click General Settings.
General
|
Field |
Description |
|
Installation Name |
Installation name is the application name that appears in the browser header and notification emails. You can continue with the default name of the application or can change it to a name of your choice e.g. Certificate Hub |
|
Company Name |
Name of the company providing the service to the end users. This name is used in the email notifications and ADSS Web RA Web status bar |
|
Support Email Address |
Support email address that will be shown in the error message toaster of the application. The users can send the email on this address if they find any issue with the application. |
|
Admin Address (Public) |
Public URL to ADSS Web RA Admin instance that is accessible to all the ADSS Web RA and Enterprise administrators over mutual TLS authentication only. If the ADSS Web RA is configured in the militarized environment where there is no internet access on the server and you want the Enterprises Administrators to manage their enterprises outside the organization then this address must be accessible over the internet. If the ADSS Web RA is deployed behind a proxy server, load-balancer or web application firewall (WAF), the connection should not be terminated on the proxy server, otherwise communication with the server will fail. The connection must be configured on the Layer 4 so that it may terminate on the application server instead of the proxy server. |
|
Web Address (Public) |
Public URL of ADSS Web RA Web instance that is accessible to all the ADSS Web RA users. This URL is used in the notification email links that are sent to the end users. |
|
API Address (Public) |
Public URL to ADSS Web RA API instance that is used for the Web API/RESTful API calls. |
|
Help Manual |
Public URL to ADSS Web RA help guide for the current version of the application. If no link is mentioned in this field, the Help button will appeared disabled to the user. |
|
Enable password protection as a second factor authentication for administrators with the TLS client authentication |
Administrators can access the portal using their TLS authentication certificates. If additional security is needed, admin password authentication can be enabled to ask for a password as a second factor authentication in addition to the TLS Client Authentication. In case, an Admin does not have their password set previously, then after a successful login through TLS Client Authentication, the user will be asked to set a password for him. Once set, the user will be redirected to the login page to enter the password. If you don't want two-factor authentication for your Admin users, keep this check box unchecked. |
Session and Link Expiry Management
|
Field |
Description |
|
Admin Session Timeout (mins) |
If the Administrator session is not used for the configured number of minutes then the application will be logged out automatically to avoid identity theft. An Administrator will have to re-login in such case. |
|
User Session Timeout (mins) |
If the ADSS Web RA Web session is not used for the configured number of minutes then the application will be logged out automatically to avoid the identity theft. The end user have to re-login if the application in that case. |
|
Access Token Expiry (mins) |
Expiry configuration for access token generated for the OAuth API communication, default value is 1440 minutes. |
|
Refresh Token Expiry Time (Days) |
Expiry configuration for refresh token generated, default value is 1 day. |
|
Email Link Expiry (mins) |
Duration of a link expiry in minutes, these links are usually sent out to the end users in emails. |
|
OTP Expiry Time (mins) |
The OTP will expire after these minutes. |
Vetting Method Settings
|
Field |
Description |
|
Vetting Option |
This setting describes if an Administrator requires a vetting form from its users while creating certification profiles or not. If vetting is enabled here, the vetting form will appear in the certification profiles. In case, no vetting is selected, it will not appear in the certification profiles. |
Dual Control
|
Field |
Description |
|
Enable Dual Control on Certificate Request Management |
By default, dual control is disabled. This feature allows an RAO to review the certificate requests that are coming from another RAO. The dual control function is only applicable to certificate requests instead of the application configurations. |