Skip to main content
Skip table of contents

CLI Interface - Server Mode

For instructions on using different 3rd party signing tools with the Windows Agent see Signing Tool Examples

Notes about this Mode

  • As of Signum 4.30.1, it is possible to select which store to install certificates into either the User or Machine store in windows.

  • Only the LocalUsers is supported as the Domain type at this time.

Installation Example

  1. Download the Signum Windows Agent MSI installer

  2. In the same directory as the MSI installer create a new plain text file with the extension .bat, for example “signum-agent-config.bat” .

  3. Copy and paste the text below, modifying the properties as needed to match the environment. Ensure the file name of the agent matches the file name of the msi that was downloaded.

CODE 
msiexec /i kf-agent-x64-4.30.1-456b2f45-MS-WO_Trust.msi /qb ^
RTPRIMARY="Deployment URL" RTSECONDARY="Deployment URL" ^
CLIENTID="The ClientID from the SaaS Portal" ^
AuthMode="LocalUsers" AGENTMODE="SERVER" ^
Language="en-US" ^  
echo Exit Code is %errorlevel%

  1. With both the .bat file and msi in the same directory run the .bat file by double clicking in Windows Explorer and this will launch the Installer.

Sever Mode Parameters

Parameter

Setting

Function

NO_RUN_SERVICE

1

Optional parameter that can be included when running the MSI installer to stop the Service from automatically starting. This can be useful in situations where the Agent is included in a base VM Image to prevent the same AgentID from being generated and duplicated across different images.

Using the Setup Tool

With the Agent msi installed (see Installation above), the CLI tool for authenticating users to the service can be found in C:\Program Files\KeyFactor\rtsetup.exe. To run the setup tool in PowerShell it can be set to PATH for the current terminal using.

CODE 
$env:PATH = "C:\Program Files\KeyFactor\;" + $env:PATH

Logging In

The password can optionally provide as a -password parameter or if not supplied there will be a prompt where it can be entered via STDIN.

CODE 
rtsetup.exe -authMode=LocalUsers -username=test@domain

Will return

CODE 
password:
RTService currently has status Running, the service is stopping
Starting RTService
RTService currently has status Running
RTService restarted.
Warning! Applications that are currently open must be restarted in order to refresh certificates from Signum.

Certificate Store Selection

The Signum Agent needs to be 4.30.1 or higher

Using the -targetStore flag either the User Certificate Store “MY” can be used or the Local Machine Certificate Store “LocalMachine”. This will place the certificates from Signum in the selected store which can be useful for certain Microsoft Development tools that require the certificates to be stored in a specific location.

Example using the User Certificate Store

CODE 
rtsetup.exe -authMode=LocalUsers -username=test@domain -targetStore=My

Example using the Local Machine Store

CODE 
rtsetup.exe -authMode=LocalUsers -username=test@domain -targetStore=LocalMachine

Logout Example

CODE 
rtsetup.exe logout
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close