General Settings
General Settings for ADSS Web RA application allows an administrator/service provider to configure application name, company name, application URLs and other basic settings to configure the application. You can go through the upcoming sections to learn about the details of each feature. To manage general settings, perform the following steps:
Expand Configurations > General Settings from the left menu.
General
|
Field |
Description |
|
Installation Name |
Installation name is the application name that appears in the browser header and notification emails. You can continue with the default name of the application or can change it to a name of your choice e.g. Certificate Hub |
|
Company Name |
Name of the company providing the service to the end users. This name is used in the email notifications and ADSS Web RA Web status bar |
|
Support Email Address |
Support email address that will be shown in the error message toaster of the application. The users can send the email on this address if they find any issue with the application. |
|
Admin Address (Public) |
Public URL to ADSS Web RA Admin instance that is accessible to all the ADSS Web RA and Enterprise administrators over mutual TLS authentication only. If the ADSS Web RA is configured in the militarized environment where there is no internet access on the server and you want the Enterprises Administrators to manage their enterprises outside the organization then this address must be accessible over the internet. If the ADSS Web RA is deployed behind a proxy server, load-balancer or web application firewall (WAF), the connection should not be terminated on the proxy server, otherwise communication with the server will fail. The connection must be configured on the Layer 4 so that it may terminate on the application server instead of the proxy server. |
|
Web Address (Public) |
Public URL of ADSS Web RA Web instance that is accessible to all the ADSS Web RA users. This URL is used in the notification email links that are sent to the end users. |
|
API Address (Public) |
Public URL to ADSS Web RA API instance that is used for the Web API/RESTful API calls. |
|
Public URL to ADSS Web RA help guide for the current version of the application. If no link is entered in this field, the Help button will appear in a disabled form to the user in the ADSS Web RA Admin and Web portal. |
|
|
Enable password protection as a second factor authentication for administrators with the TLS client authentication |
Administrators can access the portal using their TLS authentication certificates. If additional security is needed, admin password authentication can be enabled to ask for a password as a second factor authentication in addition to the TLS Client Authentication. In case, an Admin does not have their password set previously, then after a successful login through TLS Client Authentication, the user will be asked to set a password for him. Once set, the user will be redirected to the login page to enter the password. If you don't want two-factor authentication for your Admin users, keep this check box unchecked. |
Session and Link Expiry Management
|
Field |
Description |
|
Admin Session Timeout (mins) |
If the Administrator session is not used for the configured number of minutes then the application will be logged out automatically to avoid identity theft. An Administrator will have to re-login in such case. |
|
User Session Timeout (mins) |
If the ADSS Web RA Web session is not used for the configured number of minutes then the application will be logged out automatically to avoid the identity theft. The end user have to re-login if the application in that case. |
|
Access Token Expiry Time (mins) |
Expiry configuration for access token generated for the OAuth API communication, default value is 1440 minutes. |
|
Refresh Token Expiry Time (Days) |
Expiry configuration for refresh token generated, default value is 1 day. |
|
Email Link Expiry (mins) |
Duration of a link expiry in minutes, these links are usually sent out to the end users in emails. |
|
OTP Expiry Time (mins) |
The OTP will expire after these minutes. |
|
Field |
Description |
|
Vetting Option |
This setting describes if an Administrator requires a vetting form from its users while creating certification profiles or not. If vetting is enabled here, the vetting form will appear in the certification profiles. In case, None vetting option is selected, it will not appear in the certification profiles and service plans. |
|
Field |
Description |
|
Enable Dual Control |
By default, dual control is disabled. This feature allows an RAO to review the certificate requests that are coming from another RAO. Dual Control can be configured in the access control section. Dual Control function is not available for configuration and background job as well. |
|
Dual Control Modules |
This drop down allows an operator to pick a module from configurations, requests and background jobs. |
