The default archiver used if the the property ARCHIVE=true is set, or if the ARCHIVERS property contains its class name. This Archiver archives to the ArchiveData database table using the same datasource as SignServer uses for accessing the database for its configuration etc.
The data is stored in an XML encoded Base64PutHashMap. In the dataEncoding column, this format is indicated as DATA_ENCODING_XML.
Where "x" is the index of the Archiver in the ARCHIVERS property. Determines what this Archiver should archive. Valid values:
|ARCHIVERx.USE_FORWARDED_ADDRESS||Where "x" is the index of the archiver in the ARCHIVERS property. If this property is set to true, IP addresses in the comma-separated list given in the X-Forwarded-For header is used as the remote IP stored in the archive in case this header is set (by default the last forwarded address is used). If the header is not included, the IP address the request comes from, is used (the same behavior as when this property is not set, or set to false). This is useful when running a proxy in front of SignServer, to record the original IP address of the client, instead of the proxy's IP address. Default: false.|
|ARCHIVERx.MAX_FORWARDED_ADDRESSES||Where "x" is the index of the archiver in the ARCHIVERS property. Sets the maximum number of forwarded addresses to add the remote IP in the archive, counted from the end. The addresses are listed in the order they appear in the header. Default: 1 (only include the last address). This property is only used when USE_FORWARDED_ADDRESS is set to true.|
|ARCHIVERx.INCLUDE_DIRECT_ADDRESS||Where "x" is the index of the archiver in the ARCHIVERS property. When both this property and USE_FORWARDED_ADDRESS is set to true, the host IP address (direct address) is added to the end of the list of forwarded addresses. This address is not taken into account for the number of forwarded addresses by MAX_FORWARDED_ADDRESSES above. Default: false (not included). This property is only used when USE_FORWARDED_ADDRESS is set to true.|
The exact database table structure is described in the SQL scripts available under doc/sql-scripts/.
|uniqueId||Primary key of the archive row.|
|archiveData||The actual data encoded in an Base64PutHashMap.|
Identifier for the produced item.
For the TimeStampSigner, this would be the Time stamp token serial number (in hex encoding). Other signers might use a hash of the request document and the transaction ID.
|Serial number (in hex encoding) of the client certificate (if any) used by the client.|
This only indicates that the client certificate was used when establishing the connection to the web server, and not wether the worker required a client certificate or not, nor if it checked if the authenticated client was authorized.
|requestIP||By default IP address of the host connecting. When USE_FORWARDED_ADDRESS is set to true, this contains a list of forwarded IP addresses from X-Forwarded-For optionally ending with the host address (when setting INCLUDE_DIRECT_ADDRESS to true).|
Issuer DN (in string representation) of the issuer of the client certificate (if any) used by the client.
See also note about requestCertSerialnumber.
|signerId||ID of the worker handling the request.|
|time||Time stamp (number of milliseconds since January 1 1970 00:00:00) on the SignServer host when the item where archived.|
|type||The type of archivable item. Valid values:|
0 - TYPE_RESPONSE
1 - TYPE_REQUEST
Type of encoding used for the archiveData. Valid values:
Where DATA_ENCODING_XML uses the Base64PutHashMap, and DATA_ENCODING_BASE64 uses a plain Base64 encoding of the binary data.