Deploy-time Configuration

Properties configured in conf/signserver_deploy.properties are used when deploying SignServer to the application server. The properties include settings used by the deployment script to find the application server, the database type to use, and other settings included in the deployment of the application.

To ensure that changes in signserver_deploy.properties and databasprotection.properties take affect, the application needs to be deployed again using bin/ant deploy. It is however not necessary to run bin/ant clean.

See the sample configuration script conf/signserver_deploy.properties.sample for available options and default values.

CryptoToken Configuration

Property

Description

cryptotoken.disablekeygeneration

Disable the key generation functionality for all crypto tokens.

Default: false

With this property set to true, worker key renewal and key generation operations in crypto tokens are being denied with the error message "Key generation has been disabled". Additionally, the key generation pages in Admin Web are disabled.
The purpose of using this option could be that key generation should be carried out by a different procedure outside of SignServer possibly with dual person control.

Database Configuration

Property Description

database.hibernate.disable.cache

Disable the hibernate L2 (Second-level) and query cache.

Default: false

With this property set to true, the SignServerJPA and ejbca persistence units will be deployed with some extra elements to disable the L2 and query cache.

The elements added are:

CODE

<property name="hibernate.cache.use_second_level_cache" value="false"/>

<property name="hibernate.cache.use_query_cache" value="false"/>

<property name="hibernate.cache.region.factory_class" value="org.hibernate.cache.internal.NoCachingRegionFactory"/>

The results of disabling the L2 and query cache have not been tested, but it is expected to have a negative impact on performance.