Hi, i deployed signserver CE 3.7.0 on jboss 7.1 (OS ubuntu 14.04.x), signserver.ear is bilded and deployed without error. I followed steps in https://www.signserver.org/manual/complete.en.html#Loading.
Created p12 keystore and run
bin/signserver setproperties doc/sample-configs/keystore-crypto-configuration.properties
here is active/active without errors
Next
bin/signserver setproperties doc/sample-configs/qs_timestamp_configuration.properties
bin/signserver uploadsignercertificate 2 GLOB /opt/signserver/res/test/timestampit2.pem
bin/signserver uploadsignercertificatechain 2 GLOB /opt/signserver/res/test/timestampit2_chain.pem
bin/signserver reload 2
bin/signserver getstatus complete 2
and the error "Errors: - No signer certificate available"
Worker status : Offline
Token status : Active
but on botton has
Signer certificate:
Subject DN: CN=alabala.stapit.org,OU=Time,O=IO,L=Sofia,C=BG
timestampit2.pem is signed with "X509v3 Extended Key Usage: critical Time Stamping"
Every help is appreciated!
Regards
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Do you have a DEFAULTKEY property specified in your time-stamp signer worker?
The property should contain the key alias of the key in the crypto token.
Hi Markus, i don't have defaultkey property, for "TimeStampSigner" configuration, i use http://www.signserver.org/manual/complete.en.html#Time-stamp%20Signer
but already i have :), due piece of bit from you.
bin/signserver setproperty 2 defaultkey kopar
bin/signserver reload 2
Status of Signer with id 2 (TimeStampSigner) is:
Worker status : Active
Token status : Active
Signings : 0
bin/signclient timestamp http://localhost:8080/signserver/process?workerName=TimeStampSigner
2015-12-16 01:27:26,571 INFO [TimeStampCommand] Got reply after 125 ms
2015-12-16 01:27:26,650 INFO [TimeStampCommand] TimeStampRequest validated
after litle play/test with keystore-crypto-token i try to connect with pkcs11 to HSM
Thanks and best regards
Deyan
ps. where can i read complete manual?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi, i deployed signserver CE 3.7.0 on jboss 7.1 (OS ubuntu 14.04.x), signserver.ear is bilded and deployed without error. I followed steps in https://www.signserver.org/manual/complete.en.html#Loading.
Created p12 keystore and run
bin/signserver setproperties doc/sample-configs/keystore-crypto-configuration.properties
here is active/active without errors
Next
bin/signserver setproperties doc/sample-configs/qs_timestamp_configuration.properties
bin/signserver uploadsignercertificate 2 GLOB /opt/signserver/res/test/timestampit2.pem
bin/signserver uploadsignercertificatechain 2 GLOB /opt/signserver/res/test/timestampit2_chain.pem
bin/signserver reload 2
bin/signserver getstatus complete 2
and the error "Errors: - No signer certificate available"
Worker status : Offline
Token status : Active
but on botton has
Signer certificate:
Subject DN: CN=alabala.stapit.org,OU=Time,O=IO,L=Sofia,C=BG
timestampit2.pem is signed with "X509v3 Extended Key Usage: critical Time Stamping"
Every help is appreciated!
Regards
Hi Deyan,
Do you have a DEFAULTKEY property specified in your time-stamp signer worker?
The property should contain the key alias of the key in the crypto token.
Regards,
Markus
PrimeKey Solutions
Save time and money with an Enterprise support subscription. Please see www.primekey.se for more information.
https://www.primekey.se/technologies/products-overview/
https://www.primekey.se/service-support/support/
Hi Markus, i don't have defaultkey property, for "TimeStampSigner" configuration, i use http://www.signserver.org/manual/complete.en.html#Time-stamp%20Signer
but already i have :), due piece of bit from you.
bin/signserver setproperty 2 defaultkey kopar
bin/signserver reload 2
Status of Signer with id 2 (TimeStampSigner) is:
Worker status : Active
Token status : Active
Signings : 0
bin/signclient timestamp http://localhost:8080/signserver/process?workerName=TimeStampSigner
2015-12-16 01:27:26,571 INFO [TimeStampCommand] Got reply after 125 ms
2015-12-16 01:27:26,650 INFO [TimeStampCommand] TimeStampRequest validated
after litle play/test with keystore-crypto-token i try to connect with pkcs11 to HSM
Thanks and best regards
Deyan
ps. where can i read complete manual?