SignServer Reference
This Reference covers information on configuration options, workers, and components, as well as information on the different SignServer User interfaces available.
Highlights
SignServer User Interfaces
The following SignServer user interfaces are available for administrating SignServer.
Administration CLI
The SignServer Administration CLI (AdminCLI) is a command-line interface for administrating SignServer.
Administration Web
The SignServer Administration Web (AdminWeb) is a web interface for administrating SignServer, supporting the configuration of workers and associated key management as well as querying the audit log and archive.
Database CLI
enterprise
The SignServer Database CLI uses the Java Persistence API (JPA) to connect to the SignServer database.
Administration Web Services
In addition, the Administration Web Services (WS) interface allows remote administration of SignServer over client authenticated HTTPS.
Deploy-time Configuration
Information on Deploy-time Configuration properties used when deploying SignServer to the application server.
SignServer Workers
Covers information on SignServer workers (such as Signers and Document Validators) configured to perform certain activities like signing files of a certain type, often with a specific key. For an overview, see SignServer Workers
SignServer Components
SignServer Components (such as Crypto Tokens and Authorizers) provide specific functionality and are configured in the SignServer workers. For more information, see SignServer Components
Logging
SignServer uses Log4j for debug logging and the security events logger from CESeCore for system/audit logging. In addition, the worker logger (transaction log) can be configured to use Log4j and/or the security events logger. See Logging.
Authentication and Authorization
Client Authentication and Authorization can be configured per-worker and occurs in different components as the request comes in.
Health Check
The Health Check service is used for health monitoring and is useful for clusters.
SignServer TimeMonitor
enterprise
The external SignServer TimeMonitor application can be used together with the StatusReadingLocalComputerTimeSource for monitoring the local time and informing SignServer about its state. For more information, see SignServer TimeMonitor Application.
Peer Systems
enterprise
For more information on the SignServer support for incoming peer connections, see Peer Systems.
Client-Side Hashing
SignServer provides various options for performing the hashing on the client-side instead of completing the signing steps on the server-side, allowing you to avoid sending the original file to the server.
Key Wrapping
enterprise
Key wrapping allows solving issues arising when the number of keys you need to handle exceeds the amount that can be stored in a limited storage space for an HSM. The feature enables exporting the key material in a protected manner and storing the wrapped, encrypted key in an external database.
Developer Reference
For instructions needed for building and developing SignServer, see Developer Reference
Internationalization
For information on the different languages supported by the AdminWeb and more information about the translation process, see Internationalization.