# Sample configuration of an OpenPGPSigner.
#

## General properties
WORKERGENID1.TYPE=PROCESSABLE
WORKERGENID1.IMPLEMENTATION_CLASS=org.signserver.module.openpgp.signer.OpenPGPSigner

WORKERGENID1.NAME=OpenPGPSigner
WORKERGENID1.AUTHTYPE=NOAUTH

# Crypto token
WORKERGENID1.CRYPTOTOKEN=CryptoTokenP12
#WORKERGENID1.CRYPTOTOKEN=CryptoTokenP11
#WORKERGENID1.CRYPTOTOKEN=CryptoTokenP11NG1
#WORKERGENID1.CRYPTOTOKEN=CryptoTokenP11NG1KeyWrapping

# Using key from sample keystore
WORKERGENID1.DEFAULTKEY=signer00003
# Key using ECDSA
#WORKERGENID1.DEFAULTKEY=signer00002

# If the signature should be detached
WORKERGENID1.DETACHEDSIGNATURE=TRUE
#WORKERGENID1.DETACHEDSIGNATURE=FALSE

# Signature digest algorithm
# Default: SHA-256
#WORKERGENID1.DIGEST_ALGORITHM=SHA-256
#WORKERGENID1.DIGEST_ALGORITHM=SHA-384
#WORKERGENID1.DIGEST_ALGORITHM=SHA-512
WORKERGENID1.DIGEST_ALGORITHM=

# Binary or ASCII armored response format
# Default: ARMORED
#WORKERGENID1.RESPONSE_FORMAT=BINARY
#WORKERGENID1.RESPONSE_FORMAT=ARMORED
WORKERGENID1.RESPONSE_FORMAT=

# Property for storing the PGP public key
# (Fill in this property later after obtaining the public key using the generate
#  CSR to have the User ID(s) added first)
WORKERGENID1.PGPPUBLICKEY=

# If the key usage counter is disabled 
WORKERGENID1.DISABLEKEYUSAGECOUNTER=true

# Property as a flag to use deprecated RSA_SIGN when generating PGPPUBLICKEY (default is true)
WORKERGENID1.CERT_GEN_USE_LEGACY_RSA_SIGN=false

# Set to true to make CSR generation generate a revocation certificate
#WORKERGENID1.GENERATE_REVOCATION_CERTIFICATE=true
WORKERGENID1.GENERATE_REVOCATION_CERTIFICATE=

# The number of seconds the key is valid for after its creation
# This property is used when a certification is added to the key so to extend the current validity, set a higher value and perform the certification again
# An empty value or zero means that the key does not expire
# Default: (empty)
WORKERGENID1.SELFSIGNED_VALIDITY=