Master List Creation
This section describes managing master list content and signing the content in order to create a master list.
As described in NPKD Introduction, the sign master list content operation creates and imports the master list into the NPKD database.
For instructions on how to add CSCA certificates to a master list, see CSCA Certificate Details.
Manual Signing of Master List Content
To manually initiate signing of master list content, do the following:
- Click Sign Master List on the main menu to open the Master List Signing page, were you can examine CSCA certificates currently in the master list content.
- Click Sign Master List to sign the master list content.
A detailed view of the the CSCA certificates to be included in the master list is displayed on the Master List Detail Content tab. The following shows an example of the tab content.
Note the following:
- The Master List Signer in SignServer must have the CSCA in its certificate chain, or you will get an error like the following:
Connection to SignServer failed. SignServerException calling signer with ID 3009: The Master List Signer certificate MUST be included and the CSCA certificate SHOULD be included in the certificate chain
- The CSCA that has signed the Master List Signer certificate must be added to the Master List. Otherwise, verification will fail with the following error:
Failed to create MasterList from SignServer response. [parsing]Could not find home CSCA certificate inside signed content