# Sample configuration of a MSAuthCodeTimeStampSigner # ## General properties WORKERGENID1.TYPE=PROCESSABLE WORKERGENID1.IMPLEMENTATION_CLASS=org.signserver.module.tsa.MSAuthCodeTimeStampSigner # Name of the worker if referenced by name instead of Id. WORKERGENID1.NAME=MSAuthCodeTimeStampSigner # Authentication. One of NOAUTH, CLIENTCERT, org.signserver.server.UsernamePasswordAuthorizer, org.signserver.server.UsernameAuthorizer WORKERGENID1.AUTHTYPE=NOAUTH # Crypto token WORKERGENID1.CRYPTOTOKEN=CryptoTokenP12 #WORKERGENID1.CRYPTOTOKEN=CryptoTokenP11 #WORKERGENID1.CRYPTOTOKEN=CryptoTokenP11NG1 #WORKERGENID1.CRYPTOTOKEN=CryptoTokenP11NG1KeyWrapping # Using key from sample keystore WORKERGENID1.DEFAULTKEY=ts00003 # Key using ECDSA #WORKERGENID1.DEFAULTKEY=ts00002 # Check validity period of the certificate will be verified before processing. Default true. #WORKERGENID1.CHECKCERTVALIDITY=true # Check validity of the PrivateKeyUsagePeriod in the certificate will be verified before processing if it is present. Default true. #WORKERGENID1.CHECKCERTPRIVATEKEYVALIDITY=true # Check the minimum remaining days of the signing certificate before expiration. 0 means disable. Default 0. #WORKERGENID1.MINREMAININGCERTVALIDITY=0 # Sets how many signatures that are allowed to be created with the same key by this worker. Default is -1 (no limit). # The counter is per key so if multiple workers share the same key they will all increment the counter. #WORKERGENID1.KEYUSAGELIMIT=-1 ## Archiving properties # Using the base 64 archiver #WORKERGENID1.ARCHIVERS=org.signserver.server.archive.base64dbarchiver.Base64DatabaseArchiver # Using the old database archiver #WORKERGENID1.ARCHIVERS=org.signserver.server.archive.olddbarchiver.OldDatabaseArchiver # Archiving only requests #WORKERGENID1.ARCHIVER0.ARCHIVE_OF_TYPE=REQUEST # Archiving only responses #WORKERGENID1.ARCHIVER0.ARCHIVE_OF_TYPE=RESPONSE # Archiving both requests and responses #WORKERGENID1.ARCHIVER0.ARCHIVE_OF_TYPE=REQUEST_AND_RESPONSE # Store forwarded address (from the X-Forwarded-For header) as the request address #WORKERGENID1.ARCHIVER0.USE_FORWARDED_ADDRESS=true # Include additional forwarded addresses (apart from the last), only applies if the property above is set #WORKERGENID1.ARCHIVER0.MAX_FORWARDED_ADDRESSES=3 # Included direct (non-forwarded address) at the end of forwarded addresses #WORKERGENID1.ARCHIVER0.INCLUDE_DIRECT_ADDRESS=true ## TSA properties # Optional. Class implementing the ITimeSource. #WORKERGENID1.TIMESOURCE=org.signserver.server.LocalComputerTimeSource # Optional. The signature algorithm to use. #WORKERGENID1.SIGNATUREALGORITHM=SHA256WithRSA # Optional. Include the SigningCertificate CMS attribute in the responses. #WORKERGENID1.INCLUDE_SIGNING_CERTIFICATE_ATTRIBUTE=true # If the key usage counter is disabled WORKERGENID1.DISABLEKEYUSAGECOUNTER=true