Skip to main content
Skip table of contents

HSMKeepAliveTimedService

Fully qualified class name: org.signserver.server.timedservices.hsmkeepalive.HSMKeepAliveTimedService

Overview

The HSMKeepAliveTimedService is a timed service that can be used to periodically run the test key operation on selected crypto workers. This is intended as a measure to prevent HSM connections timing out. When set, the service uses the key alias TESTKEY for the workers. Otherwise, the service falls back on DEFAULTKEY.

If if TESTKEY is set but the service did not succeed when testing the key, the service does not fallback on DEFAULTKEY.

Available Properties

Property

Description

CRYPTOTOKENS 

Specifies the comma-separated list of worker names or worker IDs of workers whose keys should be tested. This would typically be crypto workers, such as workers corresponding to different slots in an HSM, but could also be regular workers with crypto tokens configured directly. This property is required, but can be set to an empty value if only audit logging is needed.

If secure audit logging is used and a separate crypto token is used for logging, service logging using the WORK_LOG_TYPES property and the SECURE_AUDITLOGGING value can be used to write to the audit log at the same time as testing crypto worker keys. This keeps the auditlog crypto token from timing-out. For more information, see SignServer Timed Services.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close