Skip to main content
Skip table of contents

User Interface - User Mode

For instructions on using different 3rd party signing tools with the Windows Agent see Signing Tool Examples . With the Agent installed in this mode, Certificates will be available in the users Personal Store in Windows.

Installation Example

  1. Download the Signum Windows Agent MSI installer

  2. In the same directory as the MSI installer create a new plain text file with the extension .bat, for example “signum-agent-config.bat” .

  3. Copy and paste the text below, modifying the properties as needed to match the environment. Ensure the file name of the agent matches the file name of the msi that was downloaded.

CODE 
msiexec /i kf-agent-x64-4.30.1-456b2f45-MS-WO_Trust.msi ^
RTPRIMARY="Deployment URL" RTSECONDARY="Deployment URL" ^
CLIENTID="The ClientID from the SaaS Portal" ^
AuthMode="SAML2" AGENTMODE="USER" DefaultDomain="somedomain.com" ^
Language="en-US" ^  
echo Exit Code is %errorlevel%

  1. With both the .bat file and msi in the same directory run the .bat file by double clicking in Windows Explorer and this will launch the Installer.

With the agent installed in USER mode which includes an interactive User Interface. A Windows process named “RTTrayApp” will be running. Navigating to the System tray will show an icon for the Keyfactor Signum Agent.

Right clicking on the tray Icon will bring up several options.

About

Information about the Agent.

Settings

Note, this option is only present if the AuthMode is LocalUsers. The Settings section allows a user assigned to a LocalUsers Domain an option to update their credentials to the service.

Certificates

The Certificates part of the Agent only shows what certificates are available to the authenticated user based on the policies that have been defined. If multiple certificates are listed, making no selections in this window will make all of those certificates available and is the default behavior. Making a specific selection here will make only the selected certificates available on the machine. These certificates will also be viewable in the logged in users Personal Store (MY) in Windows.

Login

Selecting login on the Agent will bring up a login window where a LocalUser can enter their credentials. The option to remember user credentials is disabled by default, if enabled the user would automatically be logged in after restarting the machine. Logging out of the Agent would again prompt for the credentials. Reach out to Keyfactor about enabling this feature.

A user logging in to a Saml or Oauth Domain after clicking login the default browser will open to the IDP login page matching the identity provider that was defined in the Admin Web Console and included in the “DefaultDomain” Agent parameter.

Logout

Logging out will terminate the Signum session and requires the user to re-authenticate to connect.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close