# Sample configuration of a CMSSigner. # ## General properties WORKERGENID1.TYPE=PROCESSABLE WORKERGENID1.IMPLEMENTATION_CLASS=org.signserver.module.cmssigner.CMSSigner WORKERGENID1.NAME=CMSSigner WORKERGENID1.AUTHTYPE=NOAUTH # Crypto token WORKERGENID1.CRYPTOTOKEN=CryptoTokenP12 #WORKERGENID1.CRYPTOTOKEN=CryptoTokenP11 #WORKERGENID1.CRYPTOTOKEN=CryptoTokenP11NG1 #WORKERGENID1.CRYPTOTOKEN=CryptoTokenP11NG1KeyWrapping # Using key from sample keystore WORKERGENID1.DEFAULTKEY=signer00003 # Key using ECDSA #WORKERGENID1.DEFAULTKEY=signer00002 # If the content should be encapsulated or not WORKERGENID1.DETACHEDSIGNATURE=FALSE #WORKERGENID1.DETACHEDSIGNATURE=TRUE # If the requester should be able to decide about including the content or not WORKERGENID1.ALLOW_DETACHEDSIGNATURE_OVERRIDE=FALSE #WORKERGENID1.ALLOW_DETACHEDSIGNATURE_OVERRIDE=TRUE # If the signer should by default use client-side hashing (the request data # to the signer is implied to be the pre-computed digest), this requires # the ACCEPTED_HASH_DIGEST_ALGORITHMS property to be set #WORKERGENID1.CLIENTSIDEHASHING=true # If the signer should allow overriding whether the request is using a client- # side digest or not (by a request metadata parameter) #WORKERGENID1.ALLOW_CLIENTSIDEHASHING_OVERRIDE=true # Accepted digest hash algorithms used when the request is using a client-side # hash, this is required if any of CLIENTSIDEHASHING, # or ALLOW_CLIENTSIDEHASHING_OVERRIDE is defined and set to "true" WORKERGENID1.ACCEPTED_HASH_DIGEST_ALGORITHMS=SHA-256,SHA-384,SHA-512 # Signature algorithm # Default: SHA256 with RSA or ECDSA depending on key #WORKERGENID1.SIGNATUREALGORITHM=SHA256withRSA #WORKERGENID1.SIGNATUREALGORITHM=SHA256withECDSA WORKERGENID1.SIGNATUREALGORITHM= # If a digest of the request should be computed and logged # Default: false #WORKERGENID1.DO_LOGREQUEST_DIGEST=true #WORKERGENID1.DO_LOGREQUEST_DIGEST=false WORKERGENID1.DO_LOGREQUEST_DIGEST= # The digest algorithm to use for the request in the log # Default: SHA256 #WORKERGENID1.LOGREQUEST_DIGESTALGORITHM=SHA256 WORKERGENID1.LOGREQUEST_DIGESTALGORITHM= # If a digest of the response should be computed and logged # Default: false #WORKERGENID1.DO_LOGRESPONSE_DIGEST=true #WORKERGENID1.DO_LOGRESPONSE_DIGEST=false WORKERGENID1.DO_LOGRESPONSE_DIGEST= # The digest algorithm to use for the request in the log # Default: SHA256 #WORKERGENID1.LOGRESPONSE_DIGESTALGORITHM=SHA256 WORKERGENID1.LOGRESPONSE_DIGESTALGORITHM= # If the key usage counter is disabled WORKERGENID1.DISABLEKEYUSAGECOUNTER=true