Skip to main content
Skip table of contents

_Certificate Validity Checks

By default, the SignServer checks if the signer certificate of a signer is valid before letting the signer process a request. If the signers certificate is not valid, an error message is returned.

There are two properties that can be set to disable checking the validity of signer certificates:

Property

Default

Description

CHECKCERTVALIDITY

True

Set to true to verify the validity period of the certificate before processing. Set to false to ignore if the certificate is expired or not yet valid.

CHECKCERTPRIVATEKEYVALIDITY

True

Set to true to verify the validity period in the PrivateKeyUsagePeriod of the certificate before processing. This is only done if this extension exists (it is optional in a certificate). Set to false to ignore the PrivateKeyUsagePeriod.

MINREMAININGCERTVALIDITY

0

This property defines a minimum remaining validity time required of the signing certificate. If the signing certificate expires within the number of days specified an error occurs. Set to 0 (default) to disable this check.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close