Hi!
I was wondering... signserver can be used for user signature?
If yes, can it be integrate with ejbca somehow?
I would like to have the posibility to sign documents with different keys, and to manage he private keys in order to assure the end-users that the private key cannot be obtained by the signserver without the user consent.
As I read, you can use it for TSA, where signserver will sign everythime with the same key, but I would like to sign with a key selected based on an username (for example).
Last edit: Iulian Aciobanitei 2017-05-31
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
You can use different keys and certificates by using multiple workers each configured to use a specific key/certificate.
An other alternative is to configure the worker with an AliasSelector [1] which can be used to for instance use a different key based on the user name.
SignServer will still be using the private key though, either directly for soft keystores or using a hardware security module.
Hi!
I was wondering... signserver can be used for user signature?
If yes, can it be integrate with ejbca somehow?
I would like to have the posibility to sign documents with different keys, and to manage he private keys in order to assure the end-users that the private key cannot be obtained by the signserver without the user consent.
As I read, you can use it for TSA, where signserver will sign everythime with the same key, but I would like to sign with a key selected based on an username (for example).
Last edit: Iulian Aciobanitei 2017-05-31
Hi Iulian,
You can use different keys and certificates by using multiple workers each configured to use a specific key/certificate.
An other alternative is to configure the worker with an AliasSelector [1] which can be used to for instance use a different key based on the user name.
SignServer will still be using the private key though, either directly for soft keystores or using a hardware security module.
[1] https://www.signserver.org/doc/current/manual/plugins.html#Alias_Selectors
Regards,
Markus
PrimeKey Solutions
Save time and money with an Enterprise support subscription. Please see www.primekey.com for more information.
https://www.primekey.com/products/software/