This section describes how to log in to SignServer Cloud for the first time, following these steps:

To access the Admin Web of the deployed SignServer Cloud instance, the superadmin credentials need to be retrieved from the server and installed on a system and/or browser.

PrimeKey recommends using Mozilla Firefox since it currently has self-enrollment capabilities and its own keystore separate from the operating system. Note that if you are using Google Chrome, you will need to import the key file to the local machine keystore.

Step 1: Get the Instance ID 

You must use the Instance ID of your running instance to download and install the p12 file in the steps described below. To get the instance ID of your instance, do the following:

  1. In the Amazon EC2 Console, go to Instance details.
  2. In the lower pane, click the Description tab. The Instance ID is the ID for the instance. 
  3. Click the icon next to the instance ID to copy the instance ID to your clipboard.

Step 2: Download p12 file from SignServer Keystore Retrieval Webpage

To obtain the keystore:

  1. Enter the SignServer Keystore URL into your browser:
    https://<AWS Public DNS Name or AWS Public IP Address>/keystore
  2. The username is "superadmin" and the password is the Instance ID, see Step 1: Get the instance ID. If you copied the instance ID to your clipboard, paste it into the password field.


Note that these credentials only can be used once and when authenticated, these credentials are expired.

If you are not able to access the keystore retrieval page, refer to the Troubleshooting section.

Step 3: Download Credentials

  1. At the bottom of the Keystore retrieval page is the link to the superadmin.p12 file. Download this file and keep it safe.



  2. Upon clicking on the download link, a p12 file will be prompted to download. Please keep this file safe.

Note that once the download link is selected the keystore retrieval page will no longer be accessible. If the p12 file is ever lost it can be retrieved from the instance directly from the directory /opt/signserver/p12/pem.

Step 4: Install p12

With the p12 file downloaded, install the bundle on your system and/or browser's trust store.

To install the credentials in Mozilla Firefox:

  1. On the Firefox menu, select Preferences.
  2. Click Privacy & Security.
  3. Scroll down to the Security section and click View Certificates.
  4. On the tab Your Certificates, select Import.
  5. Browse to the p12 file to import and enter a password.
    The password is the Instance ID of the SignServer Cloud instance, see Step 1: Get the instance ID.

Step 5: Browse to SignServer Admin Web

With the credentials installed, select the AdminWeb or access to SignServer Admin Web at the URL:
https://<AWS Public DNS Name or AWS Public IP Address>/SignServer/adminweb.

If you are not able to access the Admin Web, refer to the Troubleshooting section.

You will be prompted with a certificate dialog to authenticate to the adminweb of your instance.